Share via


KeyVaultAccessControlClient.CreateRoleAssignment Method

Definition

Creates a role assignment.

public virtual Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment> CreateRoleAssignment (Azure.Security.KeyVault.Administration.KeyVaultRoleScope roleScope, string roleDefinitionId, string principalId, Guid? roleAssignmentName = default, System.Threading.CancellationToken cancellationToken = default);
abstract member CreateRoleAssignment : Azure.Security.KeyVault.Administration.KeyVaultRoleScope * string * string * Nullable<Guid> * System.Threading.CancellationToken -> Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment>
override this.CreateRoleAssignment : Azure.Security.KeyVault.Administration.KeyVaultRoleScope * string * string * Nullable<Guid> * System.Threading.CancellationToken -> Azure.Response<Azure.Security.KeyVault.Administration.KeyVaultRoleAssignment>
Public Overridable Function CreateRoleAssignment (roleScope As KeyVaultRoleScope, roleDefinitionId As String, principalId As String, Optional roleAssignmentName As Nullable(Of Guid) = Nothing, Optional cancellationToken As CancellationToken = Nothing) As Response(Of KeyVaultRoleAssignment)

Parameters

roleScope
KeyVaultRoleScope

The scope of the role assignment to create.

roleDefinitionId
String

The role definition ID used in the role assignment.

principalId
String

The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group.

roleAssignmentName
Nullable<Guid>

Optional name used to create the role assignment. A new Guid will be generated if not specified.

cancellationToken
CancellationToken

A CancellationToken controlling the request lifetime.

Returns

A Response<T> containing the result of the operation.

Exceptions

The server returned an error. See Message for details returned from the server.

roleDefinitionId or principalId is null.

roleDefinitionId or principalId is empty.

Applies to