Documentation
Index
- func Create(ctx context.Context, armConfig *armauth.ArmConfig, ...) (*armauthorization.RoleAssignment, error)
- func Delete(ctx context.Context, armConfig *armauth.ArmConfig, roleID string) error
- func GetRoleDefinitionID(ctx context.Context, armConfig *armauth.ArmConfig, ...) (roleDefinitionID string, err error)
Constants
This section is empty.
Variables
This section is empty.
Functions
func Create
func Create(ctx context.Context, armConfig *armauth.ArmConfig, subscriptionID, principalID, scope, roleNameOrID string) (*armauthorization.RoleAssignment, error)
Create checks if a role assignment already exists for a given managed identity, and if not, creates a new role assignment. If an error is encountered, it is retried up to 100 times.
principalID - The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group.
scope - Fully qualified identifier of the scope of the role assignment to create. Example: '/subscriptions/{subscription-id}/', '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}'
roleNameOrID - Name of the role ('Reader') or definition ID ('acdd72a7-3385-48ef-bd42-f606fba81ae7') for the role to be assigned.
func Delete
Delete parses the roleID, creates a role assignments client, and deletes the role assignment with the given roleID, returning an error if one occurs.
func GetRoleDefinitionID
func GetRoleDefinitionID(ctx context.Context, armConfig *armauth.ArmConfig, subscriptionID, scope, roleNameOrID string) (roleDefinitionID string, err error)
GetRoleDefinitionID checks if the provided roleNameOrID is a role definition ID or a role name, and returns the corresponding role definition ID.
roleDefinitionID - Fully qualified identifier of the role definition. Example: "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
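A pre-flight check a caller could run on the scope and roleNameOrID arguments before calling Create, given here as an added example that is not part of this package. RoleIsName, ScopeLevel and Preflight are hypothetical helpers, the subscription ID is a placeholder, and only subscription-rooted scopes are recognised.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

var guidRE = regexp.MustCompile(`^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$`)

// RoleIsName (hypothetical helper): true unless s is a GUID or a path ending in one.
func RoleIsName(s string) bool {
	return !guidRE.MatchString(s[strings.LastIndex(s, "/")+1:])
}

// ScopeLevel (hypothetical helper) checks the shape of a subscription-rooted scope.
func ScopeLevel(scope string) string {
	p := strings.Split(strings.Trim(scope, "/"), "/")
	rooted := len(p) >= 2 && strings.EqualFold(p[0], "subscriptions") && guidRE.MatchString(p[1])
	rg := rooted && len(p) >= 4 && strings.EqualFold(p[2], "resourceGroups") && p[3] != ""
	switch {
	case rooted && len(p) == 2:
		return "subscription"
	case rg && len(p) == 4:
		return "resourceGroup"
	case rg && len(p) >= 8 && strings.EqualFold(p[4], "providers"):
		return "resource"
	}
	return "invalid" // includes scope kinds this sketch does not model
}

// Preflight returns review findings for a planned assignment (empty: none).
func Preflight(scope, roleNameOrID string) []string {
	var findings []string
	switch ScopeLevel(scope) {
	case "invalid":
		findings = append(findings, "scope has an unrecognised shape")
	case "subscription":
		findings = append(findings, "scope covers the entire subscription")
	}
	if RoleIsName(roleNameOrID) {
		findings = append(findings, "role passed by name; it must be resolved to a definition ID")
	}
	return findings
}

func main() {
	// Constructed input: placeholder subscription ID, role name from the page.
	fmt.Println(Preflight("/subscriptions/00000000-0000-0000-0000-000000000000/", "Reader"))
}
```

A subscription-wide finding is a prompt to confirm that the principal really needs that breadth before the assignment is created.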
Types
This section is empty.