diff --git a/Commands/readme.md b/Commands/readme.md index 21af835cd..fcb82443e 100644 --- a/Commands/readme.md +++ b/Commands/readme.md @@ -311,6 +311,9 @@ - [restore-point](/Commands/restore-point/readme.md) : Manage restore point with res. +- [role](/Commands/role/readme.md) +: Manage Azure role-based access control (Azure RBAC) + - [security](/Commands/security/readme.md) : Manage your security posture with Microsoft Defender for Cloud. diff --git a/Commands/role/assignment/_create.md b/Commands/role/assignment/_create.md new file mode 100644 index 000000000..029f3a810 --- /dev/null +++ b/Commands/role/assignment/_create.md @@ -0,0 +1,9 @@ +# [Command] _role assignment create_ + +Create a role assignment by scope and name. + +## Versions + +### [2022-04-01](/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml) **Stable** + + diff --git a/Commands/role/assignment/_delete.md b/Commands/role/assignment/_delete.md new file mode 100644 index 000000000..c105becc3 --- /dev/null +++ b/Commands/role/assignment/_delete.md @@ -0,0 +1,9 @@ +# [Command] _role assignment delete_ + +Delete a role assignment by scope and name. + +## Versions + +### [2022-04-01](/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml) **Stable** + + diff --git a/Commands/role/assignment/_list.md b/Commands/role/assignment/_list.md new file mode 100644 index 000000000..46d42a8fb --- /dev/null +++ b/Commands/role/assignment/_list.md @@ -0,0 +1,9 @@ +# [Command] _role assignment list_ + +List all role assignments that apply to a scope. + +## Versions + +### [2022-04-01](/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.xml) **Stable** + + diff --git a/Commands/role/assignment/_show.md b/Commands/role/assignment/_show.md new file mode 100644 index 000000000..3e476c748 --- /dev/null +++ b/Commands/role/assignment/_show.md @@ -0,0 +1,9 @@ +# [Command] _role assignment show_ + +Get a role assignment by scope and name. + +## Versions + +### [2022-04-01](/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml) **Stable** + + diff --git a/Commands/role/assignment/_update.md b/Commands/role/assignment/_update.md new file mode 100644 index 000000000..5b7303d61 --- /dev/null +++ b/Commands/role/assignment/_update.md @@ -0,0 +1,9 @@ +# [Command] _role assignment update_ + +Update a role assignment by scope and name. + +## Versions + +### [2022-04-01](/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml) **Stable** + + diff --git a/Commands/role/assignment/readme.md b/Commands/role/assignment/readme.md new file mode 100644 index 000000000..10b6b388b --- /dev/null +++ b/Commands/role/assignment/readme.md @@ -0,0 +1,20 @@ +# [Group] _role assignment_ + +Manage Role Assignment + +## Commands + +- [create](/Commands/role/assignment/_create.md) +: Create a role assignment by scope and name. + +- [delete](/Commands/role/assignment/_delete.md) +: Delete a role assignment by scope and name. + +- [list](/Commands/role/assignment/_list.md) +: List all role assignments that apply to a scope. + +- [show](/Commands/role/assignment/_show.md) +: Get a role assignment by scope and name. + +- [update](/Commands/role/assignment/_update.md) +: Update a role assignment by scope and name. diff --git a/Commands/role/readme.md b/Commands/role/readme.md new file mode 100644 index 000000000..b69803120 --- /dev/null +++ b/Commands/role/readme.md @@ -0,0 +1,8 @@ +# [Group] _role_ + +Manage Azure role-based access control (Azure RBAC) + +## Subgroups + +- [assignment](/Commands/role/assignment/readme.md) +: Manage Role Assignment diff --git a/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.json b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.json new file mode 100644 index 000000000..2b9c935fd --- /dev/null +++ b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.json @@ -0,0 +1 @@ +{"plane": "mgmt-plane", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cw==/V/MjAyMi0wNC0wMQ=="}], "commandGroups": [{"name": "role assignment", "commands": [{"name": "list", "version": "2022-04-01", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cw==/V/MjAyMi0wNC0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.scope", "options": ["scope"], "required": true, "help": {"short": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'"}}, {"type": "string", "var": "$Query.filter", "options": ["filter"], "help": {"short": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal."}}, {"type": "string", "var": "$Query.skipToken", "options": ["skip-token"], "help": {"short": "The skipToken to apply on the operation. Use $skipToken={skiptoken} to return paged role assignments following the skipToken passed. Only supported on provider level calls."}}, {"type": "string", "var": "$Query.tenantId", "options": ["tenant-id"], "help": {"short": "Tenant ID for cross-tenant request"}}]}], "operations": [{"operationId": "RoleAssignments_ListForScope", "http": {"path": "/{scope}/providers/Microsoft.Authorization/roleAssignments", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "scope", "arg": "$Path.scope", "required": true, "skipUrlEncoding": true}]}, "query": {"params": [{"type": "string", "name": "$filter", "arg": "$Query.filter"}, {"type": "string", "name": "$skipToken", "arg": "$Query.skipToken"}, {"type": "string", "name": "tenantId", "arg": "$Query.tenantId"}], "consts": [{"readOnly": true, "const": true, "default": {"value": "2022-04-01"}, "type": "string", "name": "api-version", "required": true, "format": {"minLength": 1}}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "string", "name": "nextLink"}, {"type": "array", "name": "value", "item": {"type": "object", "props": [{"readOnly": true, "type": "ResourceId", "name": "id"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "string", "name": "condition"}, {"type": "string", "name": "conditionVersion"}, {"readOnly": true, "type": "string", "name": "createdBy"}, {"readOnly": true, "type": "dateTime", "name": "createdOn"}, {"type": "string", "name": "delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description"}, {"type": "string", "name": "principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "required": true}, {"readOnly": true, "type": "string", "name": "scope"}, {"readOnly": true, "type": "string", "name": "updatedBy"}, {"readOnly": true, "type": "dateTime", "name": "updatedOn"}], "clientFlatten": true}, {"readOnly": true, "type": "string", "name": "type"}]}}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@MgmtErrorFormat"}}}}]}}], "outputs": [{"type": "array", "ref": "$Instance.value", "clientFlatten": true, "nextLink": "$Instance.nextLink"}]}]}]} \ No newline at end of file diff --git a/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.xml b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.xml new file mode 100644 index 000000000..b85e49a3e --- /dev/null +++ b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cw==/2022-04-01.xml @@ -0,0 +1,88 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.json b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.json new file mode 100644 index 000000000..fca544a03 --- /dev/null +++ b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.json @@ -0,0 +1 @@ +{"plane": "mgmt-plane", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments/{}", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cy97cm9sZUFzc2lnbm1lbnROYW1lfQ==/V/MjAyMi0wNC0wMQ=="}], "commandGroups": [{"name": "role assignment", "commands": [{"name": "show", "version": "2022-04-01", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments/{}", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cy97cm9sZUFzc2lnbm1lbnROYW1lfQ==/V/MjAyMi0wNC0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.roleAssignmentName", "options": ["role-assignment-name"], "required": true, "help": {"short": "The name of the role assignment. It can be any valid GUID."}}, {"type": "string", "var": "$Path.scope", "options": ["scope"], "required": true, "help": {"short": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'"}}, {"type": "string", "var": "$Query.tenantId", "options": ["tenant-id"], "help": {"short": "Tenant ID for cross-tenant request"}}]}], "operations": [{"operationId": "RoleAssignments_Get", "http": {"path": "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "roleAssignmentName", "arg": "$Path.roleAssignmentName", "required": true, "skipUrlEncoding": true}, {"type": "string", "name": "scope", "arg": "$Path.scope", "required": true, "skipUrlEncoding": true}]}, "query": {"params": [{"type": "string", "name": "tenantId", "arg": "$Query.tenantId"}], "consts": [{"readOnly": true, "const": true, "default": {"value": "2022-04-01"}, "type": "string", "name": "api-version", "required": true, "format": {"minLength": 1}}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "ResourceId", "name": "id"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "string", "name": "condition"}, {"type": "string", "name": "conditionVersion"}, {"readOnly": true, "type": "string", "name": "createdBy"}, {"readOnly": true, "type": "dateTime", "name": "createdOn"}, {"type": "string", "name": "delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description"}, {"type": "string", "name": "principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "required": true}, {"readOnly": true, "type": "string", "name": "scope"}, {"readOnly": true, "type": "string", "name": "updatedBy"}, {"readOnly": true, "type": "dateTime", "name": "updatedOn"}], "clientFlatten": true}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@MgmtErrorFormat"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}]}, {"name": "delete", "version": "2022-04-01", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments/{}", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cy97cm9sZUFzc2lnbm1lbnROYW1lfQ==/V/MjAyMi0wNC0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.roleAssignmentName", "options": ["role-assignment-name"], "required": true, "help": {"short": "The name of the role assignment. It can be any valid GUID."}}, {"type": "string", "var": "$Path.scope", "options": ["scope"], "required": true, "help": {"short": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'"}}, {"type": "string", "var": "$Query.tenantId", "options": ["tenant-id"], "help": {"short": "Tenant ID for cross-tenant request"}}]}], "operations": [{"operationId": "RoleAssignments_Delete", "http": {"path": "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}", "request": {"method": "delete", "path": {"params": [{"type": "string", "name": "roleAssignmentName", "arg": "$Path.roleAssignmentName", "required": true, "skipUrlEncoding": true}, {"type": "string", "name": "scope", "arg": "$Path.scope", "required": true, "skipUrlEncoding": true}]}, "query": {"params": [{"type": "string", "name": "tenantId", "arg": "$Query.tenantId"}], "consts": [{"readOnly": true, "const": true, "default": {"value": "2022-04-01"}, "type": "string", "name": "api-version", "required": true, "format": {"minLength": 1}}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "ResourceId", "name": "id"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "string", "name": "condition"}, {"type": "string", "name": "conditionVersion"}, {"readOnly": true, "type": "string", "name": "createdBy"}, {"readOnly": true, "type": "dateTime", "name": "createdOn"}, {"type": "string", "name": "delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description"}, {"type": "string", "name": "principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "required": true}, {"readOnly": true, "type": "string", "name": "scope"}, {"readOnly": true, "type": "string", "name": "updatedBy"}, {"readOnly": true, "type": "dateTime", "name": "updatedOn"}], "clientFlatten": true}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"statusCode": [204]}, {"isError": true, "body": {"json": {"schema": {"type": "@MgmtErrorFormat"}}}}]}}], "confirmation": "Are you sure you want to perform this operation?"}, {"name": "create", "version": "2022-04-01", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments/{}", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cy97cm9sZUFzc2lnbm1lbnROYW1lfQ==/V/MjAyMi0wNC0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.roleAssignmentName", "options": ["role-assignment-name"], "required": true, "help": {"short": "The name of the role assignment. It can be any valid GUID."}}, {"type": "string", "var": "$Path.scope", "options": ["scope"], "required": true, "help": {"short": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'"}}]}, {"name": "Properties", "args": [{"type": "string", "var": "$parameters.properties.condition", "options": ["condition"], "group": "Properties", "help": {"short": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"}}, {"type": "string", "var": "$parameters.properties.conditionVersion", "options": ["condition-version"], "group": "Properties", "help": {"short": "Version of the condition. Currently the only accepted value is '2.0'"}}, {"type": "string", "var": "$parameters.properties.delegatedManagedIdentityResourceId", "options": ["delegated-managed-identity-resource-id"], "group": "Properties", "help": {"short": "Id of the delegated managed identity resource"}}, {"type": "string", "var": "$parameters.properties.description", "options": ["description"], "group": "Properties", "help": {"short": "Description of role assignment"}}, {"type": "string", "var": "$parameters.properties.principalId", "options": ["principal-id"], "required": true, "group": "Properties", "help": {"short": "The principal ID."}}, {"type": "string", "var": "$parameters.properties.principalType", "options": ["principal-type"], "group": "Properties", "help": {"short": "The principal type of the assigned principal ID."}, "default": {"value": "User"}, "enum": {"items": [{"name": "Device", "value": "Device"}, {"name": "ForeignGroup", "value": "ForeignGroup"}, {"name": "Group", "value": "Group"}, {"name": "ServicePrincipal", "value": "ServicePrincipal"}, {"name": "User", "value": "User"}]}}, {"type": "string", "var": "$parameters.properties.roleDefinitionId", "options": ["role-definition-id"], "required": true, "group": "Properties", "help": {"short": "The role definition ID."}}]}], "operations": [{"operationId": "RoleAssignments_Create", "http": {"path": "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}", "request": {"method": "put", "path": {"params": [{"type": "string", "name": "roleAssignmentName", "arg": "$Path.roleAssignmentName", "required": true, "skipUrlEncoding": true}, {"type": "string", "name": "scope", "arg": "$Path.scope", "required": true, "skipUrlEncoding": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-04-01"}, "type": "string", "name": "api-version", "required": true, "format": {"minLength": 1}}]}, "body": {"json": {"schema": {"type": "object", "name": "parameters", "required": true, "props": [{"type": "object", "name": "properties", "required": true, "props": [{"type": "string", "name": "condition", "arg": "$parameters.properties.condition"}, {"type": "string", "name": "conditionVersion", "arg": "$parameters.properties.conditionVersion"}, {"type": "string", "name": "delegatedManagedIdentityResourceId", "arg": "$parameters.properties.delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description", "arg": "$parameters.properties.description"}, {"type": "string", "name": "principalId", "arg": "$parameters.properties.principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "arg": "$parameters.properties.principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "arg": "$parameters.properties.roleDefinitionId", "required": true}], "clientFlatten": true}], "clientFlatten": true}}}}, "responses": [{"statusCode": [200, 201], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "ResourceId", "name": "id"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "string", "name": "condition"}, {"type": "string", "name": "conditionVersion"}, {"readOnly": true, "type": "string", "name": "createdBy"}, {"readOnly": true, "type": "dateTime", "name": "createdOn"}, {"type": "string", "name": "delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description"}, {"type": "string", "name": "principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "required": true}, {"readOnly": true, "type": "string", "name": "scope"}, {"readOnly": true, "type": "string", "name": "updatedBy"}, {"readOnly": true, "type": "dateTime", "name": "updatedOn"}], "clientFlatten": true}, {"readOnly": true, "type": "string", "name": "type"}]}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@MgmtErrorFormat"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}]}, {"name": "update", "version": "2022-04-01", "resources": [{"id": "/{scope}/providers/microsoft.authorization/roleassignments/{}", "version": "2022-04-01", "swagger": "mgmt-plane/authorization/ResourceProviders/Microsoft.Authorization/Paths/L3tzY29wZX0vcHJvdmlkZXJzL01pY3Jvc29mdC5BdXRob3JpemF0aW9uL3JvbGVBc3NpZ25tZW50cy97cm9sZUFzc2lnbm1lbnROYW1lfQ==/V/MjAyMi0wNC0wMQ=="}], "argGroups": [{"name": "", "args": [{"type": "string", "var": "$Path.roleAssignmentName", "options": ["role-assignment-name"], "required": true, "help": {"short": "The name of the role assignment. It can be any valid GUID."}}, {"type": "string", "var": "$Path.scope", "options": ["scope"], "required": true, "help": {"short": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'"}}]}, {"name": "Properties", "args": [{"nullable": true, "type": "string", "var": "$parameters.properties.condition", "options": ["condition"], "group": "Properties", "help": {"short": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"}}, {"nullable": true, "type": "string", "var": "$parameters.properties.conditionVersion", "options": ["condition-version"], "group": "Properties", "help": {"short": "Version of the condition. Currently the only accepted value is '2.0'"}}, {"nullable": true, "type": "string", "var": "$parameters.properties.delegatedManagedIdentityResourceId", "options": ["delegated-managed-identity-resource-id"], "group": "Properties", "help": {"short": "Id of the delegated managed identity resource"}}, {"nullable": true, "type": "string", "var": "$parameters.properties.description", "options": ["description"], "group": "Properties", "help": {"short": "Description of role assignment"}}, {"type": "string", "var": "$parameters.properties.principalId", "options": ["principal-id"], "group": "Properties", "help": {"short": "The principal ID."}}, {"nullable": true, "type": "string", "var": "$parameters.properties.principalType", "options": ["principal-type"], "group": "Properties", "help": {"short": "The principal type of the assigned principal ID."}, "enum": {"items": [{"name": "Device", "value": "Device"}, {"name": "ForeignGroup", "value": "ForeignGroup"}, {"name": "Group", "value": "Group"}, {"name": "ServicePrincipal", "value": "ServicePrincipal"}, {"name": "User", "value": "User"}]}}, {"type": "string", "var": "$parameters.properties.roleDefinitionId", "options": ["role-definition-id"], "group": "Properties", "help": {"short": "The role definition ID."}}]}], "operations": [{"operationId": "RoleAssignments_Get", "http": {"path": "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}", "request": {"method": "get", "path": {"params": [{"type": "string", "name": "roleAssignmentName", "arg": "$Path.roleAssignmentName", "required": true, "skipUrlEncoding": true}, {"type": "string", "name": "scope", "arg": "$Path.scope", "required": true, "skipUrlEncoding": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-04-01"}, "type": "string", "name": "api-version", "required": true, "format": {"minLength": 1}}]}}, "responses": [{"statusCode": [200], "body": {"json": {"var": "$Instance", "schema": {"type": "object", "props": [{"readOnly": true, "type": "ResourceId", "name": "id"}, {"readOnly": true, "type": "string", "name": "name"}, {"type": "object", "name": "properties", "props": [{"type": "string", "name": "condition"}, {"type": "string", "name": "conditionVersion"}, {"readOnly": true, "type": "string", "name": "createdBy"}, {"readOnly": true, "type": "dateTime", "name": "createdOn"}, {"type": "string", "name": "delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description"}, {"type": "string", "name": "principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "required": true}, {"readOnly": true, "type": "string", "name": "scope"}, {"readOnly": true, "type": "string", "name": "updatedBy"}, {"readOnly": true, "type": "dateTime", "name": "updatedOn"}], "clientFlatten": true}, {"readOnly": true, "type": "string", "name": "type"}], "cls": "RoleAssignment_read"}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@MgmtErrorFormat"}}}}]}}, {"instanceUpdate": {"ref": "$Instance", "json": {"schema": {"type": "object", "name": "parameters", "required": true, "props": [{"type": "object", "name": "properties", "required": true, "props": [{"type": "string", "name": "condition", "arg": "$parameters.properties.condition"}, {"type": "string", "name": "conditionVersion", "arg": "$parameters.properties.conditionVersion"}, {"type": "string", "name": "delegatedManagedIdentityResourceId", "arg": "$parameters.properties.delegatedManagedIdentityResourceId"}, {"type": "string", "name": "description", "arg": "$parameters.properties.description"}, {"type": "string", "name": "principalId", "arg": "$parameters.properties.principalId", "required": true}, {"default": {"value": "User"}, "type": "string", "name": "principalType", "arg": "$parameters.properties.principalType", "enum": {"items": [{"value": "Device"}, {"value": "ForeignGroup"}, {"value": "Group"}, {"value": "ServicePrincipal"}, {"value": "User"}]}}, {"type": "string", "name": "roleDefinitionId", "arg": "$parameters.properties.roleDefinitionId", "required": true}], "clientFlatten": true}], "clientFlatten": true}}}}, {"operationId": "RoleAssignments_Create", "http": {"path": "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}", "request": {"method": "put", "path": {"params": [{"type": "string", "name": "roleAssignmentName", "arg": "$Path.roleAssignmentName", "required": true, "skipUrlEncoding": true}, {"type": "string", "name": "scope", "arg": "$Path.scope", "required": true, "skipUrlEncoding": true}]}, "query": {"consts": [{"readOnly": true, "const": true, "default": {"value": "2022-04-01"}, "type": "string", "name": "api-version", "required": true, "format": {"minLength": 1}}]}, "body": {"json": {"ref": "$Instance"}}}, "responses": [{"statusCode": [200, 201], "body": {"json": {"var": "$Instance", "schema": {"type": "@RoleAssignment_read"}}}}, {"isError": true, "body": {"json": {"schema": {"type": "@MgmtErrorFormat"}}}}]}}], "outputs": [{"type": "object", "ref": "$Instance", "clientFlatten": true}]}]}]} \ No newline at end of file diff --git a/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml new file mode 100644 index 000000000..c69bb5806 --- /dev/null +++ b/Resources/mgmt-plane/L3tzY29wZX0vcHJvdmlkZXJzL21pY3Jvc29mdC5hdXRob3JpemF0aW9uL3JvbGVhc3NpZ25tZW50cy97fQ==/2022-04-01.xml @@ -0,0 +1,434 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +