RoleAssignmentCreateParameters Class
Role assignment create parameters.
All required parameters must be populated in order to send to Azure.
- Inheritance
-
azure.mgmt.authorization._serialization.ModelRoleAssignmentCreateParameters
Constructor
RoleAssignmentCreateParameters(*, role_definition_id: str, principal_id: str, principal_type: str | _models.PrincipalType | None = None, can_delegate: bool | None = None, description: str | None = None, condition: str | None = None, condition_version: str | None = None, delegated_managed_identity_resource_id: str | None = None, **kwargs: Any)Keyword-Only Parameters
| Name | Description |
|---|---|
|
role_definition_id
|
The role definition ID used in the role assignment. Required. |
|
principal_id
|
The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group. Required. |
|
principal_type
|
str or
PrincipalType
The principal type of the assigned principal ID. Known values are: "User", "Group", "ServicePrincipal", and "ForeignGroup". |
|
can_delegate
|
The delegation flag used for creating a role assignment. |
|
description
|
Description of role assignment. |
|
condition
|
The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'. |
|
condition_version
|
Version of the condition. Currently accepted value is '2.0'. |
|
delegated_managed_identity_resource_id
|
Id of the delegated managed identity resource. |
Variables
| Name | Description |
|---|---|
|
role_definition_id
|
The role definition ID used in the role assignment. Required. |
|
principal_id
|
The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group. Required. |
|
principal_type
|
str or
PrincipalType
The principal type of the assigned principal ID. Known values are: "User", "Group", "ServicePrincipal", and "ForeignGroup". |
|
can_delegate
|
The delegation flag used for creating a role assignment. |
|
description
|
Description of role assignment. |
|
condition
|
The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'. |
|
condition_version
|
Version of the condition. Currently accepted value is '2.0'. |
|
delegated_managed_identity_resource_id
|
Id of the delegated managed identity resource. |
Azure SDK for Python