azure.authorization.getRoleDefinition (v4)

Azure v4.42.0 (4.x), Mar 9 26

We recommend using Azure Native.

Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi

Go to latest version

Schema (JSON)

pulumi/pulumi-azure

We recommend using Azure Native.

Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi

Go to latest version

Schema (JSON)

pulumi/pulumi-azure

Using getRoleDefinition

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getRoleDefinition(args: GetRoleDefinitionArgs, opts?: InvokeOptions): Promise<GetRoleDefinitionResult>
function getRoleDefinitionOutput(args: GetRoleDefinitionOutputArgs, opts?: InvokeOptions): Output<GetRoleDefinitionResult>

def get_role_definition(name: Optional[str] = None,
                        role_definition_id: Optional[str] = None,
                        scope: Optional[str] = None,
                        opts: Optional[InvokeOptions] = None) -> GetRoleDefinitionResult
def get_role_definition_output(name: Optional[pulumi.Input[str]] = None,
                        role_definition_id: Optional[pulumi.Input[str]] = None,
                        scope: Optional[pulumi.Input[str]] = None,
                        opts: Optional[InvokeOptions] = None) -> Output[GetRoleDefinitionResult]

func LookupRoleDefinition(ctx *Context, args *LookupRoleDefinitionArgs, opts ...InvokeOption) (*LookupRoleDefinitionResult, error)
func LookupRoleDefinitionOutput(ctx *Context, args *LookupRoleDefinitionOutputArgs, opts ...InvokeOption) LookupRoleDefinitionResultOutput

> Note: This function is named LookupRoleDefinition in the Go SDK.

public static class GetRoleDefinition 
{
    public static Task<GetRoleDefinitionResult> InvokeAsync(GetRoleDefinitionArgs args, InvokeOptions? opts = null)
    public static Output<GetRoleDefinitionResult> Invoke(GetRoleDefinitionInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetRoleDefinitionResult> getRoleDefinition(GetRoleDefinitionArgs args, InvokeOptions options)
public static Output<GetRoleDefinitionResult> getRoleDefinition(GetRoleDefinitionArgs args, InvokeOptions options)

fn::invoke:
  function: azure:authorization/getRoleDefinition:getRoleDefinition
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: Specifies the Name of either a built-in or custom Role Definition.
RoleDefinitionId string: Specifies the ID of the Role Definition as a UUID/GUID.
Scope string: Specifies the Scope at which the Custom Role Definition exists.

Name string: Specifies the Name of either a built-in or custom Role Definition.
RoleDefinitionId string: Specifies the ID of the Role Definition as a UUID/GUID.
Scope string: Specifies the Scope at which the Custom Role Definition exists.

name String: Specifies the Name of either a built-in or custom Role Definition.
roleDefinitionId String: Specifies the ID of the Role Definition as a UUID/GUID.
scope String: Specifies the Scope at which the Custom Role Definition exists.

name string: Specifies the Name of either a built-in or custom Role Definition.
roleDefinitionId string: Specifies the ID of the Role Definition as a UUID/GUID.
scope string: Specifies the Scope at which the Custom Role Definition exists.

name str: Specifies the Name of either a built-in or custom Role Definition.
role_definition_id str: Specifies the ID of the Role Definition as a UUID/GUID.
scope str: Specifies the Scope at which the Custom Role Definition exists.

name String: Specifies the Name of either a built-in or custom Role Definition.
roleDefinitionId String: Specifies the ID of the Role Definition as a UUID/GUID.
scope String: Specifies the Scope at which the Custom Role Definition exists.

getRoleDefinition Result

The following output properties are available:

AssignableScopes List<string>: One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.
Description string: the Description of the built-in Role.
Id string: The provider-assigned unique ID for this managed resource.
Name string
Permissions List<GetRoleDefinitionPermission>: a permissions block as documented below.
RoleDefinitionId string
Type string: the Type of the Role.
Scope string

AssignableScopes []string: One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.
Description string: the Description of the built-in Role.
Id string: The provider-assigned unique ID for this managed resource.
Name string
Permissions []GetRoleDefinitionPermission: a permissions block as documented below.
RoleDefinitionId string
Type string: the Type of the Role.
Scope string

assignableScopes List<String>: One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.
description String: the Description of the built-in Role.
id String: The provider-assigned unique ID for this managed resource.
name String
permissions List<GetRoleDefinitionPermission>: a permissions block as documented below.
roleDefinitionId String
type String: the Type of the Role.
scope String

assignableScopes string[]: One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.
description string: the Description of the built-in Role.
id string: The provider-assigned unique ID for this managed resource.
name string
permissions GetRoleDefinitionPermission[]: a permissions block as documented below.
roleDefinitionId string
type string: the Type of the Role.
scope string

assignable_scopes Sequence[str]: One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.
description str: the Description of the built-in Role.
id str: The provider-assigned unique ID for this managed resource.
name str
permissions Sequence[GetRoleDefinitionPermission]: a permissions block as documented below.
role_definition_id str
type str: the Type of the Role.
scope str

assignableScopes List<String>: One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.
description String: the Description of the built-in Role.
id String: The provider-assigned unique ID for this managed resource.
name String
permissions List<Property Map>: a permissions block as documented below.
roleDefinitionId String
type String: the Type of the Role.
scope String

Supporting Types

GetRoleDefinitionPermission

Actions List<string>: a list of actions supported by this role
NotActions List<string>: a list of actions which are denied by this role
DataActions List<string>
NotDataActions List<string>

Actions []string: a list of actions supported by this role
NotActions []string: a list of actions which are denied by this role
DataActions []string
NotDataActions []string

actions List<String>: a list of actions supported by this role
notActions List<String>: a list of actions which are denied by this role
dataActions List<String>
notDataActions List<String>

actions string[]: a list of actions supported by this role
notActions string[]: a list of actions which are denied by this role
dataActions string[]
notDataActions string[]

actions Sequence[str]: a list of actions supported by this role
not_actions Sequence[str]: a list of actions which are denied by this role
data_actions Sequence[str]
not_data_actions Sequence[str]

actions List<String>: a list of actions supported by this role
notActions List<String>: a list of actions which are denied by this role
dataActions List<String>
notDataActions List<String>

Package Details

Repository: Azure Classic pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

We recommend using Azure Native.

Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi

Go to latest version

Schema (JSON)

pulumi/pulumi-azure

azure.authorization.getRoleDefinition

On this page

On this page

Using getRoleDefinition

getRoleDefinition Result

Supporting Types

GetRoleDefinitionPermission

Package Details

On this page

On this page