Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The databaseAccounts/gremlinRoleDefinitions resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions@2025-05-01-preview' = {
parent: resourceSymbolicName
name: 'string'
properties: {
assignableScopes: [
'string'
]
id: 'string'
permissions: [
{
dataActions: [
'string'
]
id: 'string'
notDataActions: [
'string'
]
}
]
roleName: 'string'
type: 'string'
}
}
Property Values
Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: databaseAccounts |
| properties | Properties to create and update an Azure Cosmos DB Gremlin Role Definition. | GremlinRoleDefinitionResourceProperties |
GremlinRoleDefinitionResourceProperties
| Name | Description | Value |
|---|---|---|
| assignableScopes | A set of fully qualified Scopes at or below which Gremlin Role Assignments may be created using this Role Definition. This will allow application of this Role Definition on the entire database account or any underlying Database / Collection. Must have at least one element. Scopes higher than Database account are not enforceable as assignable Scopes. Note that resources referenced in assignable Scopes need not exist. | string[] |
| id | The path id for the Role Definition. | string |
| permissions | The set of operations allowed through this Role Definition. | PermissionAutoGenerated4[] |
| roleName | A user-friendly name for the Role Definition. Must be unique for the database account. | string |
| type | Indicates whether the Role Definition was built-in or user created. | 'BuiltInRole' 'CustomRole' |
PermissionAutoGenerated4
| Name | Description | Value |
|---|---|---|
| dataActions | An array of data actions that are allowed. | string[] |
| id | The id for the permission. | string |
| notDataActions | An array of data actions that are denied. | string[] |
ARM template resource definition
The databaseAccounts/gremlinRoleDefinitions resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions resource, add the following JSON to your template.
{
"type": "Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions",
"apiVersion": "2025-05-01-preview",
"name": "string",
"properties": {
"assignableScopes": [ "string" ],
"id": "string",
"permissions": [
{
"dataActions": [ "string" ],
"id": "string",
"notDataActions": [ "string" ]
}
],
"roleName": "string",
"type": "string"
}
}
Property Values
Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2025-05-01-preview' |
| name | The resource name | string (required) |
| properties | Properties to create and update an Azure Cosmos DB Gremlin Role Definition. | GremlinRoleDefinitionResourceProperties |
| type | The resource type | 'Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions' |
GremlinRoleDefinitionResourceProperties
| Name | Description | Value |
|---|---|---|
| assignableScopes | A set of fully qualified Scopes at or below which Gremlin Role Assignments may be created using this Role Definition. This will allow application of this Role Definition on the entire database account or any underlying Database / Collection. Must have at least one element. Scopes higher than Database account are not enforceable as assignable Scopes. Note that resources referenced in assignable Scopes need not exist. | string[] |
| id | The path id for the Role Definition. | string |
| permissions | The set of operations allowed through this Role Definition. | PermissionAutoGenerated4[] |
| roleName | A user-friendly name for the Role Definition. Must be unique for the database account. | string |
| type | Indicates whether the Role Definition was built-in or user created. | 'BuiltInRole' 'CustomRole' |
PermissionAutoGenerated4
| Name | Description | Value |
|---|---|---|
| dataActions | An array of data actions that are allowed. | string[] |
| id | The id for the permission. | string |
| notDataActions | An array of data actions that are denied. | string[] |
Usage Examples
Terraform (AzAPI provider) resource definition
The databaseAccounts/gremlinRoleDefinitions resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions@2025-05-01-preview"
name = "string"
parent_id = "string"
body = {
properties = {
assignableScopes = [
"string"
]
id = "string"
permissions = [
{
dataActions = [
"string"
]
id = "string"
notDataActions = [
"string"
]
}
]
roleName = "string"
type = "string"
}
}
}
Property Values
Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: databaseAccounts |
| properties | Properties to create and update an Azure Cosmos DB Gremlin Role Definition. | GremlinRoleDefinitionResourceProperties |
| type | The resource type | "Microsoft.DocumentDB/databaseAccounts/gremlinRoleDefinitions@2025-05-01-preview" |
GremlinRoleDefinitionResourceProperties
| Name | Description | Value |
|---|---|---|
| assignableScopes | A set of fully qualified Scopes at or below which Gremlin Role Assignments may be created using this Role Definition. This will allow application of this Role Definition on the entire database account or any underlying Database / Collection. Must have at least one element. Scopes higher than Database account are not enforceable as assignable Scopes. Note that resources referenced in assignable Scopes need not exist. | string[] |
| id | The path id for the Role Definition. | string |
| permissions | The set of operations allowed through this Role Definition. | PermissionAutoGenerated4[] |
| roleName | A user-friendly name for the Role Definition. Must be unique for the database account. | string |
| type | Indicates whether the Role Definition was built-in or user created. | 'BuiltInRole' 'CustomRole' |
PermissionAutoGenerated4
| Name | Description | Value |
|---|---|---|
| dataActions | An array of data actions that are allowed. | string[] |
| id | The id for the permission. | string |
| notDataActions | An array of data actions that are denied. | string[] |