get
Use this data source to access information about an existing Role Definition.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const primary = azure.core.getSubscription({});
const customRoleDefinition = new azure.authorization.RoleDefinition("custom", {
roleDefinitionId: "00000000-0000-0000-0000-000000000000",
name: "CustomRoleDef",
scope: primary.then(primary => primary.id),
});
const custom = pulumi.all([customRoleDefinition.roleDefinitionId, primary]).apply(([roleDefinitionId, primary]) => azure.authorization.getRoleDefinitionOutput({
roleDefinitionId: roleDefinitionId,
scope: primary.id,
}));
const custom_byname = pulumi.all([customRoleDefinition.name, primary]).apply(([name, primary]) => azure.authorization.getRoleDefinitionOutput({
name: name,
scope: primary.id,
}));
const builtin = azure.authorization.getRoleDefinition({
name: "Contributor",
});
export const customRoleDefinitionId = custom.apply(custom => custom.id);
export const contributorRoleDefinitionId = builtin.then(builtin => builtin.id);Content copied to clipboard
import pulumi
import pulumi_azure as azure
primary = azure.core.get_subscription()
custom_role_definition = azure.authorization.RoleDefinition("custom",
role_definition_id="00000000-0000-0000-0000-000000000000",
name="CustomRoleDef",
scope=primary.id)
custom = custom_role_definition.role_definition_id.apply(lambda role_definition_id: azure.authorization.get_role_definition(role_definition_id=role_definition_id,
scope=primary.id))
custom_byname = custom_role_definition.name.apply(lambda name: azure.authorization.get_role_definition(name=name,
scope=primary.id))
builtin = azure.authorization.get_role_definition(name="Contributor")
pulumi.export("customRoleDefinitionId", custom.id)
pulumi.export("contributorRoleDefinitionId", builtin.id)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var primary = Azure.Core.GetSubscription.Invoke();
var customRoleDefinition = new Azure.Authorization.RoleDefinition("custom", new()
{
RoleDefinitionId = "00000000-0000-0000-0000-000000000000",
Name = "CustomRoleDef",
Scope = primary.Apply(getSubscriptionResult => getSubscriptionResult.Id),
});
var custom = Azure.Authorization.GetRoleDefinition.Invoke(new()
{
RoleDefinitionId = customRoleDefinition.RoleDefinitionId,
Scope = primary.Apply(getSubscriptionResult => getSubscriptionResult.Id),
});
var custom_byname = Azure.Authorization.GetRoleDefinition.Invoke(new()
{
Name = customRoleDefinition.Name,
Scope = primary.Apply(getSubscriptionResult => getSubscriptionResult.Id),
});
var builtin = Azure.Authorization.GetRoleDefinition.Invoke(new()
{
Name = "Contributor",
});
return new Dictionary<string, object?>
{
["customRoleDefinitionId"] = custom.Apply(getRoleDefinitionResult => getRoleDefinitionResult.Id),
["contributorRoleDefinitionId"] = builtin.Apply(getRoleDefinitionResult => getRoleDefinitionResult.Id),
};
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
primary, err := core.LookupSubscription(ctx, &core.LookupSubscriptionArgs{}, nil)
if err != nil {
return err
}
customRoleDefinition, err := authorization.NewRoleDefinition(ctx, "custom", &authorization.RoleDefinitionArgs{
RoleDefinitionId: pulumi.String("00000000-0000-0000-0000-000000000000"),
Name: pulumi.String("CustomRoleDef"),
Scope: pulumi.String(primary.Id),
})
if err != nil {
return err
}
custom := customRoleDefinition.RoleDefinitionId.ApplyT(func(roleDefinitionId string) (authorization.GetRoleDefinitionResult, error) {
return authorization.GetRoleDefinitionResult(authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
RoleDefinitionId: pulumi.StringRef(pulumi.String(pulumi.StringRef(roleDefinitionId))),
Scope: pulumi.StringRef(pulumi.StringRef(primary.Id)),
}, nil)), nil
}).(authorization.GetRoleDefinitionResultOutput)
_ = customRoleDefinition.Name.ApplyT(func(name string) (authorization.GetRoleDefinitionResult, error) {
return authorization.GetRoleDefinitionResult(authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
Name: pulumi.StringRef(pulumi.String(pulumi.StringRef(name))),
Scope: pulumi.StringRef(pulumi.StringRef(primary.Id)),
}, nil)), nil
}).(authorization.GetRoleDefinitionResultOutput)
builtin, err := authorization.LookupRoleDefinition(ctx, &authorization.LookupRoleDefinitionArgs{
Name: pulumi.StringRef("Contributor"),
}, nil)
if err != nil {
return err
}
ctx.Export("customRoleDefinitionId", custom.ID())
ctx.Export("contributorRoleDefinitionId", builtin.Id)
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.inputs.GetSubscriptionArgs;
import com.pulumi.azure.authorization.RoleDefinition;
import com.pulumi.azure.authorization.RoleDefinitionArgs;
import com.pulumi.azure.authorization.AuthorizationFunctions;
import com.pulumi.azure.authorization.inputs.GetRoleDefinitionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var primary = CoreFunctions.getSubscription(GetSubscriptionArgs.builder()
.build());
var customRoleDefinition = new RoleDefinition("customRoleDefinition", RoleDefinitionArgs.builder()
.roleDefinitionId("00000000-0000-0000-0000-000000000000")
.name("CustomRoleDef")
.scope(primary.id())
.build());
final var custom = customRoleDefinition.roleDefinitionId().applyValue(_roleDefinitionId -> AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
.roleDefinitionId(_roleDefinitionId)
.scope(primary.id())
.build()));
final var custom-byname = customRoleDefinition.name().applyValue(_name -> AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
.name(_name)
.scope(primary.id())
.build()));
final var builtin = AuthorizationFunctions.getRoleDefinition(GetRoleDefinitionArgs.builder()
.name("Contributor")
.build());
ctx.export("customRoleDefinitionId", custom.id());
ctx.export("contributorRoleDefinitionId", builtin.id());
}
}Content copied to clipboard
resources:
customRoleDefinition:
type: azure:authorization:RoleDefinition
name: custom
properties:
roleDefinitionId: 00000000-0000-0000-0000-000000000000
name: CustomRoleDef
scope: ${primary.id}
variables:
primary:
fn::invoke:
function: azure:core:getSubscription
arguments: {}
custom:
fn::invoke:
function: azure:authorization:getRoleDefinition
arguments:
roleDefinitionId: ${customRoleDefinition.roleDefinitionId}
scope: ${primary.id}
custom-byname:
fn::invoke:
function: azure:authorization:getRoleDefinition
arguments:
name: ${customRoleDefinition.name}
scope: ${primary.id}
builtin:
fn::invoke:
function: azure:authorization:getRoleDefinition
arguments:
name: Contributor
outputs:
customRoleDefinitionId: ${custom.id}
contributorRoleDefinitionId: ${builtin.id}Content copied to clipboard
API Providers
This data source uses the following Azure API Providers:
Microsoft.Authorization: 2022-05-01-preview
Return
A collection of values returned by getRoleDefinition.
Parameters
argument
A collection of arguments for invoking getRoleDefinition.
suspend fun getRoleDefinition(name: String? = null, roleDefinitionId: String? = null, scope: String? = null): GetRoleDefinitionResult
Return
A collection of values returned by getRoleDefinition.
Parameters
name
Specifies the Name of either a built-in or custom Role Definition.
Note: You can also use this for built-in roles such as
Contributor,Owner,ReaderandVirtual Machine Contributor
role
Specifies the ID of the Role Definition as a UUID/GUID.
scope
Specifies the Scope at which the Custom Role Definition exists.
Note: One of
nameorrole_definition_idmust be specified.
See also
suspend fun getRoleDefinition(argument: suspend GetRoleDefinitionPlainArgsBuilder.() -> Unit): GetRoleDefinitionResult
Return
A collection of values returned by getRoleDefinition.
Parameters
argument
Builder for com.pulumi.azure.authorization.kotlin.inputs.GetRoleDefinitionPlainArgs.