Microsoft.DocumentDB databaseAccounts/sqlRoleAssignments 2021-05-15
The databaseAccounts/sqlRoleAssignments resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
To create a Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2021-05-15' = {
parent: resourceSymbolicName
name: 'string'
properties: {
principalId: 'string'
roleDefinitionId: 'string'
scope: 'string'
}
}
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: databaseAccounts |
| properties | Properties to create and update an Azure Cosmos DB SQL Role Assignment. | SqlRoleAssignmentResource |
| Name | Description | Value |
|---|---|---|
| principalId | The unique identifier for the associated AAD principal in the AAD graph to which access is being granted through this Role Assignment. Tenant ID for the principal is inferred using the tenant associated with the subscription. | string |
| roleDefinitionId | The unique identifier for the associated Role Definition. | string |
| scope | The data plane resource path for which access is being granted through this Role Assignment. | string |
The following Azure Quickstart templates contain Bicep samples for deploying this resource type.
| Bicep File | Description |
|---|---|
| Create an Azure Cosmos DB SQL Account with data plane RBAC | This template will create a SQL Cosmos account, a natively maintained Role Definition, and a natively maintained Role Assignment for an AAD identity. |
| Deploy Azure Data Explorer DB with Cosmos DB connection | Deploy Azure Data Explorer DB with Cosmos DB connection. |
The databaseAccounts/sqlRoleAssignments resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
To create a Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments resource, add the following JSON to your template.
{
"type": "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments",
"apiVersion": "2021-05-15",
"name": "string",
"properties": {
"principalId": "string",
"roleDefinitionId": "string",
"scope": "string"
}
}
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2021-05-15' |
| name | The resource name | string (required) |
| properties | Properties to create and update an Azure Cosmos DB SQL Role Assignment. | SqlRoleAssignmentResource |
| type | The resource type | 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments' |
| Name | Description | Value |
|---|---|---|
| principalId | The unique identifier for the associated AAD principal in the AAD graph to which access is being granted through this Role Assignment. Tenant ID for the principal is inferred using the tenant associated with the subscription. | string |
| roleDefinitionId | The unique identifier for the associated Role Definition. | string |
| scope | The data plane resource path for which access is being granted through this Role Assignment. | string |
The following Azure Quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Create an Azure Cosmos DB SQL Account with data plane RBAC |
This template will create a SQL Cosmos account, a natively maintained Role Definition, and a natively maintained Role Assignment for an AAD identity. |
| Deploy Azure Data Explorer DB with Cosmos DB connection |
Deploy Azure Data Explorer DB with Cosmos DB connection. |
The databaseAccounts/sqlRoleAssignments resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
To create a Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2021-05-15"
name = "string"
body = jsonencode({
properties = {
principalId = "string"
roleDefinitionId = "string"
scope = "string"
}
})
}
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: databaseAccounts |
| properties | Properties to create and update an Azure Cosmos DB SQL Role Assignment. | SqlRoleAssignmentResource |
| type | The resource type | "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2021-05-15" |
| Name | Description | Value |
|---|---|---|
| principalId | The unique identifier for the associated AAD principal in the AAD graph to which access is being granted through this Role Assignment. Tenant ID for the principal is inferred using the tenant associated with the subscription. | string |
| roleDefinitionId | The unique identifier for the associated Role Definition. | string |
| scope | The data plane resource path for which access is being granted through this Role Assignment. | string |