Skip to content

Commit 8342708

Browse files
rolyonrolyon
committed
List all role definitions
1 parent 75a8882 commit 8342708

File tree

1 file changed

+85
-0
lines changed

1 file changed

+85
-0
lines changed

articles/role-based-access-control/role-definitions-list.md

Lines changed: 85 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -337,6 +337,91 @@ You must use the following version:
337337

338338
For more information, see [API versions of Azure RBAC REST APIs](/rest/api/authorization/versions).
339339

340+
### List all role definitions
341+
342+
To list role definitions in a tenant, use the [Role Definitions - List](/rest/api/authorization/role-definitions/list) REST API.
343+
344+
- The following example lists all role definitions in a tenant:
345+
346+
**Request**
347+
348+
```http
349+
GET https://management.azure.com/providers/Microsoft.Authorization/roleDefinitions?api-version=2022-04-01
350+
```
351+
352+
**Response**
353+
354+
```json
355+
{
356+
"value": [
357+
{
358+
"properties": {
359+
"roleName": "Billing Reader Plus",
360+
"type": "CustomRole",
361+
"description": "Read billing data and download invoices",
362+
"assignableScopes": [
363+
"/subscriptions/473a4f86-11e3-48cb-9358-e13c220a2f15"
364+
],
365+
"permissions": [
366+
{
367+
"actions": [
368+
"Microsoft.Authorization/*/read",
369+
"Microsoft.Billing/*/read",
370+
"Microsoft.Commerce/*/read",
371+
"Microsoft.Consumption/*/read",
372+
"Microsoft.Management/managementGroups/read",
373+
"Microsoft.CostManagement/*/read",
374+
"Microsoft.Billing/invoices/download/action",
375+
"Microsoft.CostManagement/exports/*"
376+
],
377+
"notActions": [
378+
"Microsoft.CostManagement/exports/delete"
379+
],
380+
"dataActions": [],
381+
"notDataActions": []
382+
}
383+
],
384+
"createdOn": "2021-05-22T21:57:23.5764138Z",
385+
"updatedOn": "2021-05-22T21:57:23.5764138Z",
386+
"createdBy": "68f66d4c-c0eb-4009-819b-e5315d677d70",
387+
"updatedBy": "68f66d4c-c0eb-4009-819b-e5315d677d70"
388+
},
389+
"id": "/providers/Microsoft.Authorization/roleDefinitions/17adabda-4bf1-4f4e-8c97-1f0cab6dea1c",
390+
"type": "Microsoft.Authorization/roleDefinitions",
391+
"name": "17adabda-4bf1-4f4e-8c97-1f0cab6dea1c"
392+
},
393+
{
394+
"properties": {
395+
"roleName": "AcrPush",
396+
"type": "BuiltInRole",
397+
"description": "acr push",
398+
"assignableScopes": [
399+
"/"
400+
],
401+
"permissions": [
402+
{
403+
"actions": [
404+
"Microsoft.ContainerRegistry/registries/pull/read",
405+
"Microsoft.ContainerRegistry/registries/push/write"
406+
],
407+
"notActions": [],
408+
"dataActions": [],
409+
"notDataActions": []
410+
}
411+
],
412+
"createdOn": "2018-10-29T17:52:32.5201177Z",
413+
"updatedOn": "2021-11-11T20:13:07.4993029Z",
414+
"createdBy": null,
415+
"updatedBy": null
416+
},
417+
"id": "/providers/Microsoft.Authorization/roleDefinitions/8311e382-0749-4cb8-b61a-304f252e45ec",
418+
"type": "Microsoft.Authorization/roleDefinitions",
419+
"name": "8311e382-0749-4cb8-b61a-304f252e45ec"
420+
}
421+
]
422+
}
423+
```
424+
340425
### List role definitions
341426
342427
To list role definitions, use the [Role Definitions - List](/rest/api/authorization/role-definitions/list) REST API. To refine your results, you specify a scope and an optional filter.

0 commit comments

Comments
 (0)