Role Assignments - Create

Reference

Service:: Key Vault

API Version:: 7.3

Creates a role assignment.

PUT {vaultBaseUrl}/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}?api-version=7.3

URI Parameters

Name	In	Required	Type	Description
roleAssignmentName	path	True	string	The name of the role assignment to create. It can be any valid GUID.
scope	path	True	string	The scope of the role assignment to create.
vaultBaseUrl	path	True	string	The vault name, for example https://myvault.vault.azure.net.
api-version	query	True	string	Client API version.

Request Body

Name	Required	Type	Description
properties	True	RoleAssignmentProperties	Role assignment properties.

Responses

Name	Type	Description
201 Created	RoleAssignment	Created - Returns information about the role assignment.
Other Status Codes	KeyVaultError	Key Vault error response describing why the operation failed.

Examples

PutRoleAssignments

Sample Request

HTTP

PUT https://myvault.vault.azure.net//keys/providers/Microsoft.Authorization/roleAssignments/roleAssignmentName?api-version=7.3

{
  "properties": {
    "roleDefinitionId": "/keys/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId",
    "principalId": "principalId"
  }
}

Sample Response

Status code:: 201

{
  "properties": {
    "roleDefinitionId": "/keys/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId",
    "principalId": "principalId",
    "scope": "/keys"
  },
  "id": "/keys/providers/Microsoft.Authorization/roleAssignments/roleAssignmentId",
  "type": "Microsoft.Authorization/roleAssignments",
  "name": "roleAssignmentId"
}

Definitions

Error	The key vault server error.
KeyVaultError	The key vault error exception.
RoleAssignment	Role Assignments
RoleAssignmentCreateParameters	Role assignment create parameters.
RoleAssignmentProperties	Role assignment properties.
RoleAssignmentPropertiesWithScope	Role assignment properties with scope.
RoleScope	The role scope.

Error

The key vault server error.

Name	Type	Description
code	string	The error code.
innererror	Error	The key vault server error.
message	string	The error message.

KeyVaultError

The key vault error exception.

Name	Type	Description
error	Error	The key vault server error.

RoleAssignment

Role Assignments

Name	Type	Description
id	string	The role assignment ID.
name	string	The role assignment name.
properties	RoleAssignmentPropertiesWithScope	Role assignment properties.
type	string	The role assignment type.

RoleAssignmentCreateParameters

Role assignment create parameters.

Name	Type	Description
properties	RoleAssignmentProperties	Role assignment properties.

RoleAssignmentProperties

Role assignment properties.

Name	Type	Description
principalId	string	The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group.
roleDefinitionId	string	The role definition ID used in the role assignment.

RoleAssignmentPropertiesWithScope

Role assignment properties with scope.

Name	Type	Description
principalId	string	The principal ID.
roleDefinitionId	string	The role definition ID.
scope	RoleScope	The role scope.

RoleScope

The role scope.

Name	Type	Description
/	string	Global scope
/keys	string	Keys scope