Sql
data class SqlRoleDefinitionArgs(val accountName: Output<String>? = null, val assignableScopes: Output<List<String>>? = null, val name: Output<String>? = null, val permissions: Output<List<SqlRoleDefinitionPermissionArgs>>? = null, val resourceGroupName: Output<String>? = null, val roleDefinitionId: Output<String>? = null, val type: Output<String>? = null) : ConvertibleToJava<SqlRoleDefinitionArgs>
Manages a Cosmos DB SQL Role Definition.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.cosmosdb.Account;
import com.pulumi.azure.cosmosdb.AccountArgs;
import com.pulumi.azure.cosmosdb.inputs.AccountConsistencyPolicyArgs;
import com.pulumi.azure.cosmosdb.inputs.AccountGeoLocationArgs;
import com.pulumi.azure.cosmosdb.SqlRoleDefinition;
import com.pulumi.azure.cosmosdb.SqlRoleDefinitionArgs;
import com.pulumi.azure.cosmosdb.inputs.SqlRoleDefinitionPermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.offerType("Standard")
.kind("GlobalDocumentDB")
.consistencyPolicy(AccountConsistencyPolicyArgs.builder()
.consistencyLevel("Strong")
.build())
.geoLocations(AccountGeoLocationArgs.builder()
.location(exampleResourceGroup.location())
.failoverPriority(0)
.build())
.build());
var exampleSqlRoleDefinition = new SqlRoleDefinition("exampleSqlRoleDefinition", SqlRoleDefinitionArgs.builder()
.roleDefinitionId("84cf3a8b-4122-4448-bce2-fa423cfe0a15")
.resourceGroupName(exampleResourceGroup.name())
.accountName(exampleAccount.name())
.assignableScopes(exampleAccount.id().applyValue(id -> String.format("%s/dbs/sales", id)))
.permissions(SqlRoleDefinitionPermissionArgs.builder()
.dataActions("Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read")
.build())
.build());
}
}Content copied to clipboard
Import
Cosmos DB SQL Role Definitions can be imported using the resource id, e.g.
$ pulumi import azure:cosmosdb/sqlRoleDefinition:SqlRoleDefinition example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DocumentDB/databaseAccounts/account1/sqlRoleDefinitions/28b3c337-f436-482b-a167-c2618dc52033Content copied to clipboard
Constructors
Link copied to clipboard
fun SqlRoleDefinitionArgs(accountName: Output<String>? = null, assignableScopes: Output<List<String>>? = null, name: Output<String>? = null, permissions: Output<List<SqlRoleDefinitionPermissionArgs>>? = null, resourceGroupName: Output<String>? = null, roleDefinitionId: Output<String>? = null, type: Output<String>? = null)
Functions
Properties
Link copied to clipboard
A list of fully qualified scopes at or below which Role Assignments may be created using this Cosmos DB SQL Role Definition. It will allow application of this Cosmos DB SQL Role Definition on the entire Database Account or any underlying Database/Collection. Scopes higher than Database Account are not enforceable as assignable scopes.