ID별로 역할 할당을 삭제합니다.
DELETE https://management.azure.com/{roleAssignmentId}?api-version=2022-04-01
With optional parameters:
DELETE https://management.azure.com/{roleAssignmentId}?api-version=2022-04-01&tenantId={tenantId}
URI 매개 변수
Name |
In(다음 안에) |
필수 |
형식 |
Description |
roleAssignmentId
|
path |
True
|
string
|
scope, 리소스 이름 및 리소스 종류를 포함한 역할 할당의 정규화된 ID입니다. 형식: /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}. 예: /subscriptions/<SUB_ID>/resourcegroups/<RESOURCE_GROUP>/providers/Microsoft.Authorization/roleAssignments/<ROLE_ASSIGNMENT_NAME>
|
api-version
|
query |
True
|
string
|
이 작업에 사용할 API 버전입니다.
|
tenantId
|
query |
|
string
|
테넌트 간 요청에 대한 테넌트 ID
|
응답
Name |
형식 |
Description |
200 OK
|
RoleAssignment
|
삭제된 역할 할당을 반환합니다.
|
204 No Content
|
|
역할 할당이 이미 삭제되거나 존재하지 않습니다.
|
Other Status Codes
|
ErrorResponse
|
작업이 실패한 이유를 설명하는 오류 응답입니다.
|
보안
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
사용자 계정 가장
|
예제
Delete role assignment by ID
Sample Request
DELETE https://management.azure.com/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747?api-version=2022-04-01
/** Samples for RoleAssignments DeleteById. */
public final class Main {
/*
* x-ms-original-file:
* specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/
* RoleAssignments_DeleteById.json
*/
/**
* Sample code: Delete role assignment by ID.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void deleteRoleAssignmentByID(com.azure.resourcemanager.AzureResourceManager azure) {
azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleAssignments()
.deleteByIdWithResponse(
"subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747",
null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.authorization import AuthorizationManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-authorization
# USAGE
python role_assignments_delete_by_id.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = AuthorizationManagementClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.role_assignments.delete_by_id(
role_assignment_id="subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747",
)
print(response)
# x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armauthorization_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/310a0100f5b020c1900c527a6aa70d21992f078a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json
func ExampleRoleAssignmentsClient_DeleteByID() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewRoleAssignmentsClient().DeleteByID(ctx, "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", &armauthorization.RoleAssignmentsClientDeleteByIDOptions{TenantID: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.RoleAssignment = armauthorization.RoleAssignment{
// Name: to.Ptr("b0f43c54-e787-4862-89b1-a653fa9cf747"),
// Type: to.Ptr("Microsoft.Authorization/roleAssignments"),
// ID: to.Ptr("/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747"),
// Properties: &armauthorization.RoleAssignmentProperties{
// PrincipalID: to.Ptr("ce2ce14e-85d7-4629-bdbc-454d0519d987"),
// PrincipalType: to.Ptr(armauthorization.PrincipalTypeUser),
// RoleDefinitionID: to.Ptr("/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d"),
// Scope: to.Ptr("/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Delete a role assignment by ID.
*
* @summary Delete a role assignment by ID.
* x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json
*/
async function deleteRoleAssignmentById() {
const roleAssignmentId =
"subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747";
const credential = new DefaultAzureCredential();
const client = new AuthorizationManagementClient(credential);
const result = await client.roleAssignments.deleteById(roleAssignmentId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"properties": {
"roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d",
"principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987",
"principalType": "User",
"scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2"
},
"id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747",
"type": "Microsoft.Authorization/roleAssignments",
"name": "b0f43c54-e787-4862-89b1-a653fa9cf747"
}
정의
ErrorAdditionalInfo
리소스 관리 오류 추가 정보입니다.
Name |
형식 |
Description |
info
|
object
|
추가 정보입니다.
|
type
|
string
|
추가 정보 유형입니다.
|
ErrorDetail
오류 세부 정보입니다.
Name |
형식 |
Description |
additionalInfo
|
ErrorAdditionalInfo[]
|
오류 추가 정보입니다.
|
code
|
string
|
오류 코드입니다.
|
details
|
ErrorDetail[]
|
오류 세부 정보입니다.
|
message
|
string
|
오류 메시지입니다.
|
target
|
string
|
오류 대상입니다.
|
ErrorResponse
오류 응답
PrincipalType
할당된 보안 주체 ID의 보안 주체 유형입니다.
Name |
형식 |
Description |
Device
|
string
|
|
ForeignGroup
|
string
|
|
Group
|
string
|
|
ServicePrincipal
|
string
|
|
User
|
string
|
|
RoleAssignment
역할 할당
Name |
형식 |
기본값 |
Description |
id
|
string
|
|
역할 할당 ID입니다.
|
name
|
string
|
|
역할 할당 이름입니다.
|
properties.condition
|
string
|
|
역할 할당에 대한 조건입니다. 이렇게 하면 할당할 수 있는 리소스가 제한됩니다. 예: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'
|
properties.conditionVersion
|
string
|
|
조건의 버전입니다. 현재 허용되는 유일한 값은 '2.0'입니다.
|
properties.createdBy
|
string
|
|
할당을 만든 사용자의 ID
|
properties.createdOn
|
string
|
|
만든 시간
|
properties.delegatedManagedIdentityResourceId
|
string
|
|
위임된 관리 ID 리소스의 ID
|
properties.description
|
string
|
|
역할 할당에 대한 설명
|
properties.principalId
|
string
|
|
보안 주체 ID입니다.
|
properties.principalType
|
PrincipalType
|
User
|
할당된 보안 주체 ID의 보안 주체 유형입니다.
|
properties.roleDefinitionId
|
string
|
|
역할 정의 ID입니다.
|
properties.scope
|
string
|
|
역할 할당 scope.
|
properties.updatedBy
|
string
|
|
할당을 업데이트한 사용자의 ID
|
properties.updatedOn
|
string
|
|
업데이트된 시간
|
type
|
string
|
|
역할 할당 유형입니다.
|