Docs Home
We recommend using Azure Native.
Azure v6.23.0 published on Thursday, May 22, 2025 by Pulumi
azure.pim.getRoleAssignments
Explore with Pulumi AI
Use this data source to access information about existing Role Assignments.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("example", {
name: "example",
location: "West Europe",
});
const example = azure.pim.getRoleAssignmentsOutput({
scope: exampleResourceGroup.id,
});
export const id = example.apply(example => example.roleAssignments);
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("example",
name="example",
location="West Europe")
example = azure.pim.get_role_assignments_output(scope=example_resource_group.id)
pulumi.export("id", example.role_assignments)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/pim"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
example := pim.GetRoleAssignmentsOutput(ctx, pim.GetRoleAssignmentsOutputArgs{
Scope: exampleResourceGroup.ID(),
}, nil)
ctx.Export("id", example.ApplyT(func(example pim.GetRoleAssignmentsResult) ([]pim.GetRoleAssignmentsRoleAssignment, error) {
return []pim.GetRoleAssignmentsRoleAssignment(example.RoleAssignments), nil
}).([]pim.GetRoleAssignmentsRoleAssignmentOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
{
Name = "example",
Location = "West Europe",
});
var example = Azure.Pim.GetRoleAssignments.Invoke(new()
{
Scope = exampleResourceGroup.Id,
});
return new Dictionary<string, object?>
{
["id"] = example.Apply(getRoleAssignmentsResult => getRoleAssignmentsResult.RoleAssignments),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.pim.PimFunctions;
import com.pulumi.azure.pim.inputs.GetRoleAssignmentsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.name("example")
.location("West Europe")
.build());
final var example = PimFunctions.getRoleAssignments(GetRoleAssignmentsArgs.builder()
.scope(exampleResourceGroup.id())
.build());
ctx.export("id", example.applyValue(_example -> _example.roleAssignments()));
}
}
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
name: example
properties:
name: example
location: West Europe
variables:
example:
fn::invoke:
function: azure:pim:getRoleAssignments
arguments:
scope: ${exampleResourceGroup.id}
outputs:
id: ${example.roleAssignments}
API Providers
This data source uses the following Azure API Providers:
Microsoft.Authorization: 2022-04-01
Using getRoleAssignments
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getRoleAssignments(args: GetRoleAssignmentsArgs, opts?: InvokeOptions): Promise<GetRoleAssignmentsResult>
function getRoleAssignmentsOutput(args: GetRoleAssignmentsOutputArgs, opts?: InvokeOptions): Output<GetRoleAssignmentsResult>def get_role_assignments(limit_at_scope: Optional[bool] = None,
principal_id: Optional[str] = None,
scope: Optional[str] = None,
tenant_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetRoleAssignmentsResult
def get_role_assignments_output(limit_at_scope: Optional[pulumi.Input[bool]] = None,
principal_id: Optional[pulumi.Input[str]] = None,
scope: Optional[pulumi.Input[str]] = None,
tenant_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetRoleAssignmentsResult]func GetRoleAssignments(ctx *Context, args *GetRoleAssignmentsArgs, opts ...InvokeOption) (*GetRoleAssignmentsResult, error)
func GetRoleAssignmentsOutput(ctx *Context, args *GetRoleAssignmentsOutputArgs, opts ...InvokeOption) GetRoleAssignmentsResultOutput> Note: This function is named GetRoleAssignments in the Go SDK.
public static class GetRoleAssignments
{
public static Task<GetRoleAssignmentsResult> InvokeAsync(GetRoleAssignmentsArgs args, InvokeOptions? opts = null)
public static Output<GetRoleAssignmentsResult> Invoke(GetRoleAssignmentsInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetRoleAssignmentsResult> getRoleAssignments(GetRoleAssignmentsArgs args, InvokeOptions options)
public static Output<GetRoleAssignmentsResult> getRoleAssignments(GetRoleAssignmentsArgs args, InvokeOptions options)
fn::invoke:
function: azure:pim/getRoleAssignments:getRoleAssignments
arguments:
# arguments dictionaryThe following arguments are supported:
- Scope string
- The scope at which to list Role Assignments.
- Limit
At boolScope - Whether to limit the result exactly at the specified scope and not above or below it. Defaults to
false. - Principal
Id string - The principal ID to filter the list of Role Assignments against.
- Tenant
Id string - The tenant ID for cross-tenant requests.
- Scope string
- The scope at which to list Role Assignments.
- Limit
At boolScope - Whether to limit the result exactly at the specified scope and not above or below it. Defaults to
false. - Principal
Id string - The principal ID to filter the list of Role Assignments against.
- Tenant
Id string - The tenant ID for cross-tenant requests.
- scope String
- The scope at which to list Role Assignments.
- limit
At BooleanScope - Whether to limit the result exactly at the specified scope and not above or below it. Defaults to
false. - principal
Id String - The principal ID to filter the list of Role Assignments against.
- tenant
Id String - The tenant ID for cross-tenant requests.
- scope string
- The scope at which to list Role Assignments.
- limit
At booleanScope - Whether to limit the result exactly at the specified scope and not above or below it. Defaults to
false. - principal
Id string - The principal ID to filter the list of Role Assignments against.
- tenant
Id string - The tenant ID for cross-tenant requests.
- scope str
- The scope at which to list Role Assignments.
- limit_
at_ boolscope - Whether to limit the result exactly at the specified scope and not above or below it. Defaults to
false. - principal_
id str - The principal ID to filter the list of Role Assignments against.
- tenant_
id str - The tenant ID for cross-tenant requests.
- scope String
- The scope at which to list Role Assignments.
- limit
At BooleanScope - Whether to limit the result exactly at the specified scope and not above or below it. Defaults to
false. - principal
Id String - The principal ID to filter the list of Role Assignments against.
- tenant
Id String - The tenant ID for cross-tenant requests.
getRoleAssignments Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Role
Assignments List<GetRole Assignments Role Assignment> - A
role_assignmentsblock as defined below. - Scope string
- Limit
At boolScope - Principal
Id string - The principal ID.
- Tenant
Id string
- Id string
- The provider-assigned unique ID for this managed resource.
- Role
Assignments []GetRole Assignments Role Assignment - A
role_assignmentsblock as defined below. - Scope string
- Limit
At boolScope - Principal
Id string - The principal ID.
- Tenant
Id string
- id String
- The provider-assigned unique ID for this managed resource.
- role
Assignments List<GetRole Assignments Role Assignment> - A
role_assignmentsblock as defined below. - scope String
- limit
At BooleanScope - principal
Id String - The principal ID.
- tenant
Id String
- id string
- The provider-assigned unique ID for this managed resource.
- role
Assignments GetRole Assignments Role Assignment[] - A
role_assignmentsblock as defined below. - scope string
- limit
At booleanScope - principal
Id string - The principal ID.
- tenant
Id string
- id str
- The provider-assigned unique ID for this managed resource.
- role_
assignments Sequence[GetRole Assignments Role Assignment] - A
role_assignmentsblock as defined below. - scope str
- limit_
at_ boolscope - principal_
id str - The principal ID.
- tenant_
id str
- id String
- The provider-assigned unique ID for this managed resource.
- role
Assignments List<Property Map> - A
role_assignmentsblock as defined below. - scope String
- limit
At BooleanScope - principal
Id String - The principal ID.
- tenant
Id String
Supporting Types
GetRoleAssignmentsRoleAssignment
- Condition string
- The condition that limits the resource the role can be assigned to.
- Condition
Version string - The version of the condition.
- Delegated
Managed stringIdentity Resource Id - The ID of the delegated managed identity resource.
- Description string
- The description for this Role Assignment.
- Principal
Id string - The principal ID to filter the list of Role Assignments against.
- Principal
Type string - The type of the
principal_id. - Role
Assignment stringId - The ID of the Role Assignment.
- Role
Assignment stringName - The name of the Role Assignment.
- Role
Assignment stringScope - The scope of the Role Assignment.
- Role
Definition stringId - The ID of the Role Definition.
- Condition string
- The condition that limits the resource the role can be assigned to.
- Condition
Version string - The version of the condition.
- Delegated
Managed stringIdentity Resource Id - The ID of the delegated managed identity resource.
- Description string
- The description for this Role Assignment.
- Principal
Id string - The principal ID to filter the list of Role Assignments against.
- Principal
Type string - The type of the
principal_id. - Role
Assignment stringId - The ID of the Role Assignment.
- Role
Assignment stringName - The name of the Role Assignment.
- Role
Assignment stringScope - The scope of the Role Assignment.
- Role
Definition stringId - The ID of the Role Definition.
- condition String
- The condition that limits the resource the role can be assigned to.
- condition
Version String - The version of the condition.
- delegated
Managed StringIdentity Resource Id - The ID of the delegated managed identity resource.
- description String
- The description for this Role Assignment.
- principal
Id String - The principal ID to filter the list of Role Assignments against.
- principal
Type String - The type of the
principal_id. - role
Assignment StringId - The ID of the Role Assignment.
- role
Assignment StringName - The name of the Role Assignment.
- role
Assignment StringScope - The scope of the Role Assignment.
- role
Definition StringId - The ID of the Role Definition.
- condition string
- The condition that limits the resource the role can be assigned to.
- condition
Version string - The version of the condition.
- delegated
Managed stringIdentity Resource Id - The ID of the delegated managed identity resource.
- description string
- The description for this Role Assignment.
- principal
Id string - The principal ID to filter the list of Role Assignments against.
- principal
Type string - The type of the
principal_id. - role
Assignment stringId - The ID of the Role Assignment.
- role
Assignment stringName - The name of the Role Assignment.
- role
Assignment stringScope - The scope of the Role Assignment.
- role
Definition stringId - The ID of the Role Definition.
- condition str
- The condition that limits the resource the role can be assigned to.
- condition_
version str - The version of the condition.
- delegated_
managed_ stridentity_ resource_ id - The ID of the delegated managed identity resource.
- description str
- The description for this Role Assignment.
- principal_
id str - The principal ID to filter the list of Role Assignments against.
- principal_
type str - The type of the
principal_id. - role_
assignment_ strid - The ID of the Role Assignment.
- role_
assignment_ strname - The name of the Role Assignment.
- role_
assignment_ strscope - The scope of the Role Assignment.
- role_
definition_ strid - The ID of the Role Definition.
- condition String
- The condition that limits the resource the role can be assigned to.
- condition
Version String - The version of the condition.
- delegated
Managed StringIdentity Resource Id - The ID of the delegated managed identity resource.
- description String
- The description for this Role Assignment.
- principal
Id String - The principal ID to filter the list of Role Assignments against.
- principal
Type String - The type of the
principal_id. - role
Assignment StringId - The ID of the Role Assignment.
- role
Assignment StringName - The name of the Role Assignment.
- role
Assignment StringScope - The scope of the Role Assignment.
- role
Definition StringId - The ID of the Role Definition.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.