Role Definitions - Create Or Update

Creates or updates a role definition.

PUT https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}?api-version=2022-04-01

URI Parameters

Name In Required Type Description
roleDefinitionId
path True

string

The ID of the role definition.

scope
path True

string

The scope of the role definition.

api-version
query True

string

The API version to use for this operation.

Request Body

Name Type Description
properties.assignableScopes

string[]

Role definition assignable scopes.

properties.description

string

The role definition description.

properties.permissions

Permission[]

Role definition permissions.

properties.roleName

string

The role name.

properties.type

string

The role type.

Responses

Name Type Description
201 Created

RoleDefinition

OK - Returns information about the role definition.

Other Status Codes

ErrorResponse

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Create role definition

Sample request

PUT https://management.azure.com/scope/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId?api-version=2022-04-01

{}

Sample response

{
  "properties": {
    "roleName": "Role name",
    "type": "roletype",
    "description": "Role description",
    "assignableScopes": [
      "/subscriptions/subId"
    ],
    "permissions": [
      {
        "actions": [
          "action"
        ],
        "notActions": [],
        "dataActions": [
          "dataAction"
        ],
        "notDataActions": []
      }
    ]
  },
  "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId",
  "type": "Microsoft.Authorization/roleDefinitions",
  "name": "roleDefinitionId"
}

Definitions

Name Description
ErrorAdditionalInfo

The resource management error additional info.

ErrorDetail

The error detail.

ErrorResponse

Error response

Permission

Role definition permissions.

RoleDefinition

Role definition.

ErrorAdditionalInfo

The resource management error additional info.

Name Type Description
info

object

The additional info.

type

string

The additional info type.

ErrorDetail

The error detail.

Name Type Description
additionalInfo

ErrorAdditionalInfo[]

The error additional info.

code

string

The error code.

details

ErrorDetail[]

The error details.

message

string

The error message.

target

string

The error target.

ErrorResponse

Error response

Name Type Description
error

ErrorDetail

The error object.

Permission

Role definition permissions.

Name Type Description
actions

string[]

Allowed actions.

dataActions

string[]

Allowed Data actions.

notActions

string[]

Denied actions.

notDataActions

string[]

Denied Data actions.

RoleDefinition

Role definition.

Name Type Description
id

string

The role definition ID.

name

string

The role definition name.

properties.assignableScopes

string[]

Role definition assignable scopes.

properties.createdBy

string

Id of the user who created the assignment

properties.createdOn

string

Time it was created

properties.description

string

The role definition description.

properties.permissions

Permission[]

Role definition permissions.

properties.roleName

string

The role name.

properties.type

string

The role type.

properties.updatedBy

string

Id of the user who updated the assignment

properties.updatedOn

string

Time it was updated

type

string

The role definition type.