How to get Role Definition using Azure CLI
I am using the below commands to get the role definition details
az role definition list --name "Storage Blob Data Owner"
Or
az role definition list --name "b7e6dc6d-f1e8-4753-8033-0f276bb0955b"
And it is working fine however for other roles like readerRoleId 00000000-0000-0000-0000-000000000001 it does not work and returns empty.
What command should I use instead?
Solution
Note that 00000000-0000-0000-0000-000000000001 is role ID for Cosmos DB Built-in Data Reader Role. It is not a standard Azure RBAC role, so it cannot be retrieved using the az role definition list command.
Initially, I too got blank results when I run below Azure CLI command:
az role definition list --name "00000000-0000-0000-0000-000000000001"
Response:
To retrieve the role definition for a Cosmos DB SQL role, use this Azure CLI command:
az cosmosdb sql role definition show --account-name cosmosdbname --resource-group rgname --id "00000000-0000-0000-0000-000000000001"
Response:
Reference:
Use data plane role-based access control - Azure Cosmos DB for NoSQL | Microsoft
- "Schema" property not found in Postgres Connector
- Downloading file from Azure blob storage via Memory Stream
- Reading env variable from template.yaml
- HTTP Error 500.30 - ASP.NET Core app failed to start - Azure
- Azure DevOps Pipelines: TerraformTaskV4: init with different subscription and Workflow Identity Federation
- Enabling HTTPS for a Azure blob static website
- How to search across many Azure Devops Git project and find all files which contain specific text AND which filename contains "Resource"
- Hosting SPA with Static Website option on Azure Blob Storage (clean URLs and Deep links)
- Using Managed Identity to Access Azure OpenAI Service
- Azure data factory not loading
- Transfer encrypted dataprotection keys from a windows vm to azure keyvault
- Refresh powerBI data with additional column
- Azure Application Insights AKS - How to Create 1 custom alert rule which will trigger multiple alerts, but with different names (per pod name)?
- gRPC and REST side by side in Azure App Service, Linux Container
- Connecting to a SignalR WSS stream but not getting the response i am looking for
- SignalR prevent user from opening multiple sessions in different tabs
- Application Insights -_logger.LogInformation
- CosmosDB is not allowing serverless capabalities to NoSQL, it says I must use CapacityMode
- Azure Webapp / Website Swap : HTTP Ping Error
- Microsoft Graph API - Update phoneMethods is no longer working
- Use Azure Key Vault secret in Header section of Web Activity
- Azure Storage blob getting the io.netty.channel.StacklessClosedChannelException while generating /downloading the from SasUrl
- How do I save and later load Azure AnalyzeResult object in python?
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Azure ADF - HTTP : Table from list
- Self hosted azure devops build agent not getting tool from $PATH
- Azure devops pipeline stages template nesting
- Azure APIM is returning the incorrect HTTP response error when call is missing mandatory querystring parameter
- Azure DevOps build pipeline logid for a specific task - dynamically
- PS script to fetch the list non-compliance resource list with respect to policy from multiple subscriptions