permissions
Creates, updates, deletes, gets or lists a permissions resource.
Overview
| Name | permissions |
| Type | Resource |
| Id | azure.authorization.permissions |
Fields
The following fields are returned by SELECT queries:
- list_for_resource
- list_for_resource_group
OK - Returns an array of permissions.
| Name | Datatype | Description |
|---|---|---|
actions | array | Allowed actions. |
dataActions | array | Allowed Data actions. |
notActions | array | Denied actions. |
notDataActions | array | Denied Data actions. |
OK - Returns an array of permissions.
| Name | Datatype | Description |
|---|---|---|
actions | array | Allowed actions. |
dataActions | array | Allowed Data actions. |
notActions | array | Denied actions. |
notDataActions | array | Denied Data actions. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list_for_resource | select | resourceGroupName, resourceProviderNamespace, parentResourcePath, resourceType, resourceName, subscriptionId | Gets all permissions the caller has for a resource. | |
list_for_resource_group | select | resourceGroupName, subscriptionId | Gets all permissions the caller has for a resource group. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
parentResourcePath | string | The parent resource identity. |
resourceGroupName | string | The name of the resource group. The name is case insensitive. |
resourceName | string | The name of the resource to get the permissions for. |
resourceProviderNamespace | string | The namespace of the resource provider. |
resourceType | string | The resource type of the resource. |
subscriptionId | string | The ID of the target subscription. |
SELECT examples
- list_for_resource
- list_for_resource_group
Gets all permissions the caller has for a resource.
SELECT
actions,
dataActions,
notActions,
notDataActions
FROM azure.authorization.permissions
WHERE resourceGroupName = '{{ resourceGroupName }}' -- required
AND resourceProviderNamespace = '{{ resourceProviderNamespace }}' -- required
AND parentResourcePath = '{{ parentResourcePath }}' -- required
AND resourceType = '{{ resourceType }}' -- required
AND resourceName = '{{ resourceName }}' -- required
AND subscriptionId = '{{ subscriptionId }}' -- required
;
Gets all permissions the caller has for a resource group.
SELECT
actions,
dataActions,
notActions,
notDataActions
FROM azure.authorization.permissions
WHERE resourceGroupName = '{{ resourceGroupName }}' -- required
AND subscriptionId = '{{ subscriptionId }}' -- required
;