ロール定義を作成または更新します。
PUT https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}?api-version=2022-04-01
URI パラメーター
| 名前 |
/ |
必須 |
型 |
説明 |
|
roleDefinitionId
|
path |
True
|
string
|
ロール定義の ID。
|
|
scope
|
path |
True
|
string
|
ロール定義のスコープ。
|
|
api-version
|
query |
True
|
string
|
この操作に使用する API バージョン。
|
要求本文
| 名前 |
型 |
説明 |
|
properties.assignableScopes
|
string[]
|
ロール定義の割り当て可能なスコープ。
|
|
properties.description
|
string
|
ロール定義の説明。
|
|
properties.permissions
|
Permission[]
|
ロール定義のアクセス許可。
|
|
properties.roleName
|
string
|
ロール名。
|
|
properties.type
|
string
|
ロールの種類。
|
応答
セキュリティ
azure_auth
Azure Active Directory OAuth2 フロー
型:
oauth2
フロー:
implicit
Authorization URL (承認 URL):
https://login.microsoftonline.com/common/oauth2/authorize
スコープ
| 名前 |
説明 |
|
user_impersonation
|
ユーザー アカウントの借用
|
例
Create role definition
要求のサンプル
PUT https://management.azure.com/scope/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId?api-version=2022-04-01
{}
import com.azure.resourcemanager.authorization.fluent.models.RoleDefinitionInner;
/**
* Samples for RoleDefinitions CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition
* .json
*/
/**
* Sample code: Create role definition.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createRoleDefinition(com.azure.resourcemanager.AzureResourceManager azure) {
azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleDefinitions()
.createOrUpdateWithResponse("scope", "roleDefinitionId", new RoleDefinitionInner(),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armauthorization_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json
func ExampleRoleDefinitionsClient_CreateOrUpdate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
_, err = clientFactory.NewRoleDefinitionsClient().CreateOrUpdate(ctx, "scope", "roleDefinitionId", armauthorization.RoleDefinition{}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a role definition.
*
* @summary Creates or updates a role definition.
* x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json
*/
async function createRoleDefinition() {
const subscriptionId =
process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const scope = "scope";
const roleDefinitionId = "roleDefinitionId";
const roleDefinition = {};
const credential = new DefaultAzureCredential();
const client = new AuthorizationManagementClient(credential, subscriptionId);
const result = await client.roleDefinitions.createOrUpdate(
scope,
roleDefinitionId,
roleDefinition
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization;
// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json
// this example is just showing the usage of "RoleDefinitions_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this AuthorizationRoleDefinitionResource created on azure
// for more information of creating AuthorizationRoleDefinitionResource, please refer to the document of AuthorizationRoleDefinitionResource
string scope = "scope";
ResourceIdentifier roleDefinitionId = new ResourceIdentifier("roleDefinitionId");
ResourceIdentifier authorizationRoleDefinitionResourceId = AuthorizationRoleDefinitionResource.CreateResourceIdentifier(scope, roleDefinitionId);
AuthorizationRoleDefinitionResource authorizationRoleDefinition = client.GetAuthorizationRoleDefinitionResource(authorizationRoleDefinitionResourceId);
// invoke the operation
AuthorizationRoleDefinitionData data = new AuthorizationRoleDefinitionData();
ArmOperation<AuthorizationRoleDefinitionResource> lro = await authorizationRoleDefinition.UpdateAsync(WaitUntil.Completed, data);
AuthorizationRoleDefinitionResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
AuthorizationRoleDefinitionData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
応答のサンプル
{
"properties": {
"roleName": "Role name",
"type": "roletype",
"description": "Role description",
"assignableScopes": [
"/subscriptions/subId"
],
"permissions": [
{
"actions": [
"action"
],
"notActions": [],
"dataActions": [
"dataAction"
],
"notDataActions": []
}
]
},
"id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId",
"type": "Microsoft.Authorization/roleDefinitions",
"name": "roleDefinitionId"
}
定義
ErrorAdditionalInfo
リソース管理エラーの追加情報。
| 名前 |
型 |
説明 |
|
info
|
object
|
追加情報。
|
|
type
|
string
|
追加情報の種類。
|
ErrorDetail
エラーの詳細。
| 名前 |
型 |
説明 |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
エラーの追加情報。
|
|
code
|
string
|
エラー コード。
|
|
details
|
ErrorDetail[]
|
エラーの詳細です。
|
|
message
|
string
|
エラー メッセージ。
|
|
target
|
string
|
エラーのターゲット。
|
ErrorResponse
エラー応答
Permission
ロール定義のアクセス許可。
| 名前 |
型 |
説明 |
|
actions
|
string[]
|
許可されるアクション。
|
|
dataActions
|
string[]
|
許可されるデータ アクション。
|
|
notActions
|
string[]
|
拒否されたアクション。
|
|
notDataActions
|
string[]
|
拒否されたデータ アクション。
|
RoleDefinition
ロールの定義。
| 名前 |
型 |
説明 |
|
id
|
string
|
ロール定義 ID
|
|
name
|
string
|
ロール定義名。
|
|
properties.assignableScopes
|
string[]
|
ロール定義の割り当て可能なスコープ。
|
|
properties.createdBy
|
string
|
割り当てを作成したユーザーの ID
|
|
properties.createdOn
|
string
|
作成された時刻
|
|
properties.description
|
string
|
ロール定義の説明。
|
|
properties.permissions
|
Permission[]
|
ロール定義のアクセス許可。
|
|
properties.roleName
|
string
|
ロール名。
|
|
properties.type
|
string
|
ロールの種類。
|
|
properties.updatedBy
|
string
|
割り当てを更新したユーザーの ID
|
|
properties.updatedOn
|
string
|
更新された時刻
|
|
type
|
string
|
ロール定義の種類。
|