Gets a role definition by ID.
GET https://management.azure.com/{roleId}?disambiguation_dummy&api-version=2022-04-01
URI Parameters
| Name |
In |
Required |
Type |
Description |
|
roleId
|
path |
True
|
string
|
The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for subscription level role definitions, or /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions.
|
|
api-version
|
query |
True
|
string
|
The API version to use for this operation.
|
Responses
| Name |
Type |
Description |
|
200 OK
|
RoleDefinition
|
OK - Returns information about the role definition.
|
|
Other Status Codes
|
ErrorResponse
|
Error response describing why the operation failed.
|
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
impersonate your user account
|
Examples
Get role definition by ID
Sample request
GET https://management.azure.com/roleDefinitionId?disambiguation_dummy&api-version=2022-04-01
/**
* Samples for RoleDefinitions GetById.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/
* GetRoleDefinitionById.json
*/
/**
* Sample code: Get role definition by ID.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getRoleDefinitionByID(com.azure.resourcemanager.AzureResourceManager azure) {
azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleDefinitions()
.getByIdWithResponse("roleDefinitionId", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.authorization import AuthorizationManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-authorization
# USAGE
python get_role_definition_by_id.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = AuthorizationManagementClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.role_definitions.get_by_id(
role_id="roleDefinitionId",
)
print(response)
# x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armauthorization_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json
func ExampleRoleDefinitionsClient_GetByID() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewRoleDefinitionsClient().GetByID(ctx, "roleDefinitionId", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.RoleDefinition = armauthorization.RoleDefinition{
// Name: to.Ptr("roleDefinitionId"),
// Type: to.Ptr("Microsoft.Authorization/roleDefinitions"),
// ID: to.Ptr("/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId"),
// Properties: &armauthorization.RoleDefinitionProperties{
// RoleType: to.Ptr("roletype"),
// Description: to.Ptr("Role description"),
// AssignableScopes: []*string{
// to.Ptr("/subscriptions/subId")},
// Permissions: []*armauthorization.Permission{
// {
// Actions: []*string{
// to.Ptr("action")},
// DataActions: []*string{
// to.Ptr("dataAction")},
// NotActions: []*string{
// },
// NotDataActions: []*string{
// },
// }},
// RoleName: to.Ptr("Role name"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets a role definition by ID.
*
* @summary Gets a role definition by ID.
* x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json
*/
async function getRoleDefinitionById() {
const subscriptionId =
process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const roleId = "roleDefinitionId";
const credential = new DefaultAzureCredential();
const client = new AuthorizationManagementClient(credential, subscriptionId);
const result = await client.roleDefinitions.getById(roleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
{
"properties": {
"roleName": "Role name",
"type": "roletype",
"description": "Role description",
"assignableScopes": [
"/subscriptions/subId"
],
"permissions": [
{
"actions": [
"action"
],
"notActions": [],
"dataActions": [
"dataAction"
],
"notDataActions": []
}
]
},
"id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "roleDefinitionId"
}
Definitions
ErrorAdditionalInfo
The resource management error additional info.
| Name |
Type |
Description |
|
info
|
object
|
The additional info.
|
|
type
|
string
|
The additional info type.
|
ErrorDetail
The error detail.
| Name |
Type |
Description |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
The error additional info.
|
|
code
|
string
|
The error code.
|
|
details
|
ErrorDetail[]
|
The error details.
|
|
message
|
string
|
The error message.
|
|
target
|
string
|
The error target.
|
ErrorResponse
Error response
| Name |
Type |
Description |
|
error
|
ErrorDetail
|
The error object.
|
Permission
Role definition permissions.
| Name |
Type |
Description |
|
actions
|
string[]
|
Allowed actions.
|
|
dataActions
|
string[]
|
Allowed Data actions.
|
|
notActions
|
string[]
|
Denied actions.
|
|
notDataActions
|
string[]
|
Denied Data actions.
|
RoleDefinition
Role definition.
| Name |
Type |
Description |
|
id
|
string
|
The role definition ID.
|
|
name
|
string
|
The role definition name.
|
|
properties.assignableScopes
|
string[]
|
Role definition assignable scopes.
|
|
properties.createdBy
|
string
|
Id of the user who created the assignment
|
|
properties.createdOn
|
string
|
Time it was created
|
|
properties.description
|
string
|
The role definition description.
|
|
properties.permissions
|
Permission[]
|
Role definition permissions.
|
|
properties.roleName
|
string
|
The role name.
|
|
properties.type
|
string
|
The role type.
|
|
properties.updatedBy
|
string
|
Id of the user who updated the assignment
|
|
properties.updatedOn
|
string
|
Time it was updated
|
|
type
|
string
|
The role definition type.
|