Class RoleDefinition

Manages a custom Role Definition, used to assign Roles to Users/Principals. See 'Understand role definitions' in the Azure documentation for more details.

Example Usage

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
public MyStack()
{
    var primary = Output.Create(Azure.Core.GetSubscription.InvokeAsync());
    var example = new Azure.Authorization.RoleDefinition(&quot;example&quot;, new Azure.Authorization.RoleDefinitionArgs
    {
        Scope = primary.Apply(primary => primary.Id),
        Description = &quot;This is a custom role created&quot;,
        Permissions = 
        {
            new Azure.Authorization.Inputs.RoleDefinitionPermissionArgs
            {
                Actions = 
                {
                    &quot;*&quot;,
                },
                NotActions = {},
            },
        },
        AssignableScopes = 
        {
            primary.Apply(primary => primary.Id),
        },
    });
}

}

Inheritance

System.Object

Resource

CustomResource

RoleDefinition

Inherited Members

CustomResource.Id

Resource.GetResourceType()

Resource.GetResourceName()

Resource.Urn

System.Object.Equals(System.Object)

System.Object.Equals(System.Object, System.Object)

System.Object.GetHashCode()

System.Object.GetType()

System.Object.MemberwiseClone()

System.Object.ReferenceEquals(System.Object, System.Object)

System.Object.ToString()

Namespace: Pulumi.Azure.Authorization

Assembly: Pulumi.Azure.dll

Syntax

public class RoleDefinition : CustomResource

Constructors

View Source

RoleDefinition(String, RoleDefinitionArgs, CustomResourceOptions)

Create a RoleDefinition resource with the given unique name, arguments, and options.

Declaration

public RoleDefinition(string name, RoleDefinitionArgs args, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resource
RoleDefinitionArgs	args	The arguments used to populate this resource's properties
CustomResourceOptions	options	A bag of options that control this resource's behavior

Properties

View Source

AssignableScopes

One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.

Declaration

public Output<ImmutableArray<string>> AssignableScopes { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableArray<System.String>>

View Source

Description

A description of the Role Definition.

Declaration

public Output<string> Description { get; }

Property Value

Type	Description
Output<System.String>

View Source

Name

The name of the Role Definition. Changing this forces a new resource to be created.

Declaration

public Output<string> Name { get; }

Property Value

Type	Description
Output<System.String>

View Source

Permissions

A permissions block as defined below.

Declaration

public Output<ImmutableArray<RoleDefinitionPermission>> Permissions { get; }

Property Value

Type	Description
Output<System.Collections.Immutable.ImmutableArray<RoleDefinitionPermission>>

View Source

RoleDefinitionId

A unique UUID/GUID which identifies this role - one will be generated if not specified. Changing this forces a new resource to be created.

Declaration

public Output<string> RoleDefinitionId { get; }

Property Value

Type	Description
Output<System.String>

View Source

Scope

The scope at which the Role Definition applies too, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM. It is recommended to use the first entry of the assignable_scopes. Changing this forces a new resource to be created.

Declaration

public Output<string> Scope { get; }

Property Value

Type	Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, RoleDefinitionState, CustomResourceOptions)

Get an existing RoleDefinition resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration

public static RoleDefinition Get(string name, Input<string> id, RoleDefinitionState state = null, CustomResourceOptions options = null)

Parameters

Type	Name	Description
System.String	name	The unique name of the resulting resource.
Input<System.String>	id	The unique provider ID of the resource to lookup.
RoleDefinitionState	state	Any extra arguments used during the lookup.
CustomResourceOptions	options	A bag of options that control this resource's behavior

Returns

Type	Description
RoleDefinition