Share via

Sql Resources - Create Update Sql Role Assignment

Service:
Cosmos DB Resource Provider
API Version:
2025-11-01-preview

Creates or updates an Azure Cosmos DB SQL Role Assignment.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}/sqlRoleAssignments/{roleAssignmentId}?api-version=2025-11-01-preview

URI Parameters

Name In Required Type Description
accountName
 path True

string

minLength: 3
maxLength: 50
pattern: ^[a-z0-9]+(-[a-z0-9]+)*

Cosmos DB database account name.
resourceGroupName
 path True

string

minLength: 1
maxLength: 90

The name of the resource group. The name is case insensitive.
roleAssignmentId
 path True

string

The GUID for the Role Assignment.
subscriptionId
 path True

string

minLength: 1

The ID of the target subscription.
api-version
 query True

string

minLength: 1

The API version to use for this operation.

Request Body

Name Type Description
createUpdateSqlRoleAssignmentParameters

SqlRoleAssignmentCreateUpdateParameters

The properties required to create or update a Role Assignment.

Responses

Name Type Description
200 OK

SqlRoleAssignmentGetResults

The Role Assignment create or update operation was completed successfully.
202 Accepted

The Role Assignment create or update request was accepted and will complete asynchronously.
Other Status Codes

CloudError

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation Impersonate your user account

Examples

CosmosDBSqlRoleAssignmentCreateUpdate

Sample request

PUT https://management.azure.com/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/sqlRoleAssignments/myRoleAssignmentId?api-version=2025-11-01-preview

{
  "properties": {
    "roleDefinitionId": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/sqlRoleDefinitions/myRoleDefinitionId",
    "scope": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/dbs/purchases/colls/redmond-purchases",
    "principalId": "myPrincipalId"
  }
}

Sample response

Status code:
200 
{
  "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/sqlRoleAssignments/myRoleAssignmentId",
  "name": "myRoleAssignmentId",
  "type": "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments",
  "properties": {
    "roleDefinitionId": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/sqlRoleDefinitions/myRoleDefinitionId",
    "scope": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/dbs/purchases/colls/redmond-purchases",
    "principalId": "myPrincipalId"
  }
}
Status code:
202 
azure-AsyncOperation: https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.DocumentDB/locations/{location}/operationsStatus/{operationId}?api-version=2025-11-01-preview
location: https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.DocumentDB/locations/{location}/operationsStatus/{operationId}?api-version=2025-11-01-preview

Definitions

Name Description
CloudError

An error response from the service.
ErrorResponse

Error Response.
SqlRoleAssignmentCreateUpdateParameters

The properties required to create or update a Role Assignment.
SqlRoleAssignmentGetResults

An Azure Cosmos DB Role Assignment

CloudError

Object

An error response from the service.

Name Type Description
error

ErrorResponse

Error Response.

ErrorResponse

Object

Error Response.

Name Type Description
code

string

Error code.
message

string

Error message indicating why the operation failed.

SqlRoleAssignmentCreateUpdateParameters

Object

The properties required to create or update a Role Assignment.

Name Type Description
properties.principalId

string

The unique identifier for the associated AAD principal in the AAD graph to which access is being granted through this Role Assignment. Tenant ID for the principal is inferred using the tenant associated with the subscription.
properties.roleDefinitionId

string

The unique identifier for the associated Role Definition.
properties.scope

string

The data plane resource path for which access is being granted through this Role Assignment.

SqlRoleAssignmentGetResults

Object

An Azure Cosmos DB Role Assignment

Name Type Description
id

string

The unique resource identifier of the database account.
name

string

The name of the database account.
properties.principalId

string

The unique identifier for the associated AAD principal in the AAD graph to which access is being granted through this Role Assignment. Tenant ID for the principal is inferred using the tenant associated with the subscription.
properties.roleDefinitionId

string

The unique identifier for the associated Role Definition.
properties.scope

string

The data plane resource path for which access is being granted through this Role Assignment.
type

string

The type of Azure resource.