Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $az = Connect-AzAccount
- # Save the subscription/tentant ID for later
- $subscriptionID = $az.Context.Subscription.Id
- $tenantID = $az.Context.Subscription.TenantId
- $roleDef = Get-AzRoleDefinition -Name "DNS Zone Contributor"
- $roleDef.Id = $null
- $roleDef.Name = "DNS TXT Contributor"
- $roleDef.Description = "Manage DNS TXT records only."
- $roleDef.Actions.RemoveRange(0,$roleDef.Actions.Count)
- $roleDef.Actions.Add("Microsoft.Network/dnsZones/TXT/*")
- $roleDef.Actions.Add("Microsoft.Network/dnsZones/read")
- $roleDef.Actions.Add("Microsoft.Authorization/*/read")
- $roleDef.Actions.Add("Microsoft.Insights/alertRules/*")
- $roleDef.Actions.Add("Microsoft.ResourceHealth/availabilityStatuses/read")
- $roleDef.Actions.Add("Microsoft.Resources/deployments/read")
- $roleDef.Actions.Add("Microsoft.Resources/subscriptions/resourceGroups/read")
- $roleDef.AssignableScopes.Clear()
- $roleDef.AssignableScopes.Add("/subscriptions/$($az.Context.Subscription.Id)")
- $role = New-AzRoleDefinition $roleDef
- $role
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement