How to specify the task's user identity "Pool default user (Admin)" in the azure batch account?

Question

I'm trying to create several batch tasks from the Powershell script and looking for how specifying User Identity. Dotnet core APIs support this specifying, but nothing for Azure-CLI.

When I run a script below I get an error from my PowerShell script, which says that there are not enough permissions to perform this action:

az batch account login -g $resourceGroup -n $batchAccountName 
az batch task create --job-id $BatchJobId `
    --task-id "DeployIdHere" `
    --command-line $cmdCommand `
    --account-name $batchAccountName `
    --debug `
    --verbose `
    --output table

I assumed to find something like --elevation-level Admin but seems I don't get how it should look likes in common.

Answer 1

You could use --json-file flag to create a task with specifying User Identity in the command az batch task create --job-id myjobtest --json-file .\task.json.

For format, see https://github.com/Azure/azure-docs-cli-python-samples/blob/master/batch/run-job/tasks.json

You also could add multiple tasks with the admin. A task JSON file will be something like this:

{
    "id": "mytasktest123",
    "commandLine": "/bin/bash -c \"sudo ls\"",
    "waitForSuccess": true,
    "userIdentity": {
        "autoUser": {
          "elevationLevel": "admin",
          "scope": "pool"
        },
        "userName": null
      }
    }

Result

Let me know if you need further help.