Feedback Edit

RoleAssignmentCreateParameters Class

  • Reference

Role assignment create parameters.

All required parameters must be populated in order to send to Azure.

Inheritance
Model
RoleAssignmentCreateParameters

Constructor

RoleAssignmentCreateParameters(*, role_definition_id: str, principal_id: str, principal_type: Optional[Union[str, azure.mgmt.authorization.v2020_04_01_preview.models._authorization_management_client_enums.PrincipalType]] = None, can_delegate: Optional[bool] = None, description: Optional[str] = None, condition: Optional[str] = None, condition_version: Optional[str] = None, delegated_managed_identity_resource_id: Optional[str] = None, **kwargs)

Parameters

role_definition_id
str
Required

Required. The role definition ID used in the role assignment.

principal_id
str
Required

Required. The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group.

principal_type
str or PrincipalType
Required

The principal type of the assigned principal ID. Possible values include: "User", "Group", "ServicePrincipal", "ForeignGroup".

can_delegate
bool
Required

The delegation flag used for creating a role assignment.

description
str
Required

Description of role assignment.

condition
str
Required

The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'.

condition_version
str
Required

Version of the condition. Currently accepted value is '2.0'.

delegated_managed_identity_resource_id
str
Required

Id of the delegated managed identity resource.