role_definitions
Creates, updates, deletes, gets or lists a role_definitions resource.
Overview
| Name | role_definitions |
| Type | Resource |
| Id | azure.authorization.role_definitions |
Fields
The following fields are returned by SELECT queries:
- get
- list
OK - Returns information about the role definition.
| Name | Datatype | Description |
|---|---|---|
id | string | The role definition ID. |
name | string | The role definition name. |
properties | object | Role definition properties. |
type | string | The role definition type. |
OK - Returns an array of role definitions.
| Name | Datatype | Description |
|---|---|---|
id | string | The role definition ID. |
name | string | The role definition name. |
properties | object | Role definition properties. |
type | string | The role definition type. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | scope, roleDefinitionId | Get role definition by ID (GUID). | |
list | select | scope | $filter | Get all role definitions that are applicable at scope and above. |
create_or_update | insert | scope, roleDefinitionId | Creates or updates a role definition. | |
delete | delete | scope, roleDefinitionId | Deletes a role definition. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
roleDefinitionId | string | The ID of the role definition to delete. |
scope | string | The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' |
$filter | string | The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. |
SELECT examples
- get
- list
Get role definition by ID (GUID).
SELECT
id,
name,
properties,
type
FROM azure.authorization.role_definitions
WHERE scope = '{{ scope }}' -- required
AND roleDefinitionId = '{{ roleDefinitionId }}' -- required
;
Get all role definitions that are applicable at scope and above.
SELECT
id,
name,
properties,
type
FROM azure.authorization.role_definitions
WHERE scope = '{{ scope }}' -- required
AND $filter = '{{ $filter }}'
;
INSERT examples
- create_or_update
- Manifest
Creates or updates a role definition.
INSERT INTO azure.authorization.role_definitions (
data__properties,
scope,
roleDefinitionId
)
SELECT
'{{ properties }}',
'{{ scope }}',
'{{ roleDefinitionId }}'
RETURNING
id,
name,
properties,
type
;
# Description fields are for documentation purposes
- name: role_definitions
props:
- name: scope
value: string
description: Required parameter for the role_definitions resource.
- name: roleDefinitionId
value: string
description: Required parameter for the role_definitions resource.
- name: properties
value: object
description: |
Role definition properties.
DELETE examples
- delete
Deletes a role definition.
DELETE FROM azure.authorization.role_definitions
WHERE scope = '{{ scope }}' --required
AND roleDefinitionId = '{{ roleDefinitionId }}' --required
;