Mixing
Get access control list (IAM) of a resource group in Node.js
I am using Node.js to interact with Azure, for example, to create a resource group:
const { ResourceManagementClient } = require('azure-arm-resource');
createResourceGroup(location, groupName) {
const groupParameters = {
location: location,
};
return this.resourceClient.resourceGroups.createOrUpdate(groupName, groupParameters);
}
How can I use these azure-arm modules to retrieve the access control (IAM) list of a resource group?
I mean to this list:
javascript node.js
azure azure-active-directory azure-resource-manager asked Jan 1 at 10:15
AlonAlon
43652663
add a comment |
I am using Node.js to interact with Azure, for example, to create a resource group:
const { ResourceManagementClient } = require('azure-arm-resource');
createResourceGroup(location, groupName) {
const groupParameters = {
location: location,
};
return this.resourceClient.resourceGroups.createOrUpdate(groupName, groupParameters);
}
How can I use these azure-arm modules to retrieve the access control (IAM) list of a resource group?
I mean to this list:
javascript node.js
azure azure-active-directory azure-resource-manager asked Jan 1 at 10:15
AlonAlon
43652663
add a comment |
I am using Node.js to interact with Azure, for example, to create a resource group:
const { ResourceManagementClient } = require('azure-arm-resource');
createResourceGroup(location, groupName) {
const groupParameters = {
location: location,
};
return this.resourceClient.resourceGroups.createOrUpdate(groupName, groupParameters);
}
How can I use these azure-arm modules to retrieve the access control (IAM) list of a resource group?
I mean to this list:
javascript node.js
azure azure-active-directory azure-resource-manager asked Jan 1 at 10:15
AlonAlon
43652663
I am using Node.js to interact with Azure, for example, to create a resource group:
const { ResourceManagementClient } = require('azure-arm-resource');
createResourceGroup(location, groupName) {
const groupParameters = {
location: location,
};
return this.resourceClient.resourceGroups.createOrUpdate(groupName, groupParameters);
}
How can I use these azure-arm modules to retrieve the access control (IAM) list of a resource group?
I mean to this list:
javascript node.js
azure azure-active-directory azure-resource-manager javascript node.js
azure azure-active-directory azure-resource-manager asked Jan 1 at 10:15
AlonAlon
43652663
asked Jan 1 at 10:15
AlonAlon
43652663
asked Jan 1 at 10:15
AlonAlon
43652663
asked Jan 1 at 10:15
AlonAlon
43652663
asked Jan 1 at 10:15
AlonAlon
43652663
43652663
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
You will need to make use of the Azure Authorization Modules for Node.js
Here is sample code based on Microsoft Docs
Installing Azure Authorization module
npm install azure-arm-authorization
List all role assignments for a specific resource group
const msRestAzure = require('ms-rest-azure');
const authorizationManagement = require('azure-arm-authorization');
const resourceGroup = 'resource-group-name';
const subscriptionId = 'your-subscription-id';
msRestAzure.interactiveLogin().then(credentials => {
const client = new authorizationManagement(credentials, subscriptionId);
client.roleAssignments.listForResourceGroup(resourceGroupName).then(result => {
console.log(result);
});
});
Also on a side note, know that the actual REST API being used for these operations is:
Role Assignments - List For Resource Group
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
Similar API, which accepts a generic scope (to work with not just resource groups but other resources as well)
Role Assignments - List For Scope
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
UPDATE (trying to answer queries from comments)
Using the code above to list all role assignments for a specific resource group (or role assignments - list for resource group REST API).. you will be returned a collection of role assignments, like your comments reflect.
I suppose this is what you need based on the screenshot from your question, as you have Role Assignments tab selected and the list is being shown below in Azure Portal.
Now a role assignment in itself is formed by:
A security principal Id (user, group, service principal etc. to whom you're trying to give permissions through a role)
Role Definition Id (identifier for the role which you assigning like contributor, owner or a custom RBAC role for that matter)
Scope (at which this role is assigned, like at subscription level or at a specific resource group or resource level)
This concept is explained in detail and very well here on Microsoft Docs
For your purpose to make sense of the response UUIDs, you will be able to find the list of all role definitions (to know their ID, Name Description etc. using Role Definitions List through node SDK or using Role Definitions - List REST API
Principal ID is the ID of user, group or app service principal.
Scope in your case is the resource group that you're trying to query role assignments for.
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53994646%2fget-access-control-list-iam-of-a-resource-group-in-node-js%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You will need to make use of the Azure Authorization Modules for Node.js
Here is sample code based on Microsoft Docs
Installing Azure Authorization module
npm install azure-arm-authorization
List all role assignments for a specific resource group
const msRestAzure = require('ms-rest-azure');
const authorizationManagement = require('azure-arm-authorization');
const resourceGroup = 'resource-group-name';
const subscriptionId = 'your-subscription-id';
msRestAzure.interactiveLogin().then(credentials => {
const client = new authorizationManagement(credentials, subscriptionId);
client.roleAssignments.listForResourceGroup(resourceGroupName).then(result => {
console.log(result);
});
});
Also on a side note, know that the actual REST API being used for these operations is:
Role Assignments - List For Resource Group
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
Similar API, which accepts a generic scope (to work with not just resource groups but other resources as well)
Role Assignments - List For Scope
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
UPDATE (trying to answer queries from comments)
Using the code above to list all role assignments for a specific resource group (or role assignments - list for resource group REST API).. you will be returned a collection of role assignments, like your comments reflect.
I suppose this is what you need based on the screenshot from your question, as you have Role Assignments tab selected and the list is being shown below in Azure Portal.
Now a role assignment in itself is formed by:
A security principal Id (user, group, service principal etc. to whom you're trying to give permissions through a role)
Role Definition Id (identifier for the role which you assigning like contributor, owner or a custom RBAC role for that matter)
Scope (at which this role is assigned, like at subscription level or at a specific resource group or resource level)
This concept is explained in detail and very well here on Microsoft Docs
For your purpose to make sense of the response UUIDs, you will be able to find the list of all role definitions (to know their ID, Name Description etc. using Role Definitions List through node SDK or using Role Definitions - List REST API
Principal ID is the ID of user, group or app service principal.
Scope in your case is the resource group that you're trying to query role assignments for.
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
add a comment |
You will need to make use of the Azure Authorization Modules for Node.js
Here is sample code based on Microsoft Docs
Installing Azure Authorization module
npm install azure-arm-authorization
List all role assignments for a specific resource group
const msRestAzure = require('ms-rest-azure');
const authorizationManagement = require('azure-arm-authorization');
const resourceGroup = 'resource-group-name';
const subscriptionId = 'your-subscription-id';
msRestAzure.interactiveLogin().then(credentials => {
const client = new authorizationManagement(credentials, subscriptionId);
client.roleAssignments.listForResourceGroup(resourceGroupName).then(result => {
console.log(result);
});
});
Also on a side note, know that the actual REST API being used for these operations is:
Role Assignments - List For Resource Group
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
Similar API, which accepts a generic scope (to work with not just resource groups but other resources as well)
Role Assignments - List For Scope
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
UPDATE (trying to answer queries from comments)
Using the code above to list all role assignments for a specific resource group (or role assignments - list for resource group REST API).. you will be returned a collection of role assignments, like your comments reflect.
I suppose this is what you need based on the screenshot from your question, as you have Role Assignments tab selected and the list is being shown below in Azure Portal.
Now a role assignment in itself is formed by:
A security principal Id (user, group, service principal etc. to whom you're trying to give permissions through a role)
Role Definition Id (identifier for the role which you assigning like contributor, owner or a custom RBAC role for that matter)
Scope (at which this role is assigned, like at subscription level or at a specific resource group or resource level)
This concept is explained in detail and very well here on Microsoft Docs
For your purpose to make sense of the response UUIDs, you will be able to find the list of all role definitions (to know their ID, Name Description etc. using Role Definitions List through node SDK or using Role Definitions - List REST API
Principal ID is the ID of user, group or app service principal.
Scope in your case is the resource group that you're trying to query role assignments for.
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
add a comment |
You will need to make use of the Azure Authorization Modules for Node.js
Here is sample code based on Microsoft Docs
Installing Azure Authorization module
npm install azure-arm-authorization
List all role assignments for a specific resource group
const msRestAzure = require('ms-rest-azure');
const authorizationManagement = require('azure-arm-authorization');
const resourceGroup = 'resource-group-name';
const subscriptionId = 'your-subscription-id';
msRestAzure.interactiveLogin().then(credentials => {
const client = new authorizationManagement(credentials, subscriptionId);
client.roleAssignments.listForResourceGroup(resourceGroupName).then(result => {
console.log(result);
});
});
Also on a side note, know that the actual REST API being used for these operations is:
Role Assignments - List For Resource Group
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
Similar API, which accepts a generic scope (to work with not just resource groups but other resources as well)
Role Assignments - List For Scope
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
UPDATE (trying to answer queries from comments)
Using the code above to list all role assignments for a specific resource group (or role assignments - list for resource group REST API).. you will be returned a collection of role assignments, like your comments reflect.
I suppose this is what you need based on the screenshot from your question, as you have Role Assignments tab selected and the list is being shown below in Azure Portal.
Now a role assignment in itself is formed by:
A security principal Id (user, group, service principal etc. to whom you're trying to give permissions through a role)
Role Definition Id (identifier for the role which you assigning like contributor, owner or a custom RBAC role for that matter)
Scope (at which this role is assigned, like at subscription level or at a specific resource group or resource level)
This concept is explained in detail and very well here on Microsoft Docs
For your purpose to make sense of the response UUIDs, you will be able to find the list of all role definitions (to know their ID, Name Description etc. using Role Definitions List through node SDK or using Role Definitions - List REST API
Principal ID is the ID of user, group or app service principal.
Scope in your case is the resource group that you're trying to query role assignments for.
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
You will need to make use of the Azure Authorization Modules for Node.js
Here is sample code based on Microsoft Docs
Installing Azure Authorization module
npm install azure-arm-authorization
List all role assignments for a specific resource group
const msRestAzure = require('ms-rest-azure');
const authorizationManagement = require('azure-arm-authorization');
const resourceGroup = 'resource-group-name';
const subscriptionId = 'your-subscription-id';
msRestAzure.interactiveLogin().then(credentials => {
const client = new authorizationManagement(credentials, subscriptionId);
client.roleAssignments.listForResourceGroup(resourceGroupName).then(result => {
console.log(result);
});
});
Also on a side note, know that the actual REST API being used for these operations is:
Role Assignments - List For Resource Group
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
Similar API, which accepts a generic scope (to work with not just resource groups but other resources as well)
Role Assignments - List For Scope
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01
UPDATE (trying to answer queries from comments)
Using the code above to list all role assignments for a specific resource group (or role assignments - list for resource group REST API).. you will be returned a collection of role assignments, like your comments reflect.
I suppose this is what you need based on the screenshot from your question, as you have Role Assignments tab selected and the list is being shown below in Azure Portal.
Now a role assignment in itself is formed by:
A security principal Id (user, group, service principal etc. to whom you're trying to give permissions through a role)
Role Definition Id (identifier for the role which you assigning like contributor, owner or a custom RBAC role for that matter)
Scope (at which this role is assigned, like at subscription level or at a specific resource group or resource level)
This concept is explained in detail and very well here on Microsoft Docs
For your purpose to make sense of the response UUIDs, you will be able to find the list of all role definitions (to know their ID, Name Description etc. using Role Definitions List through node SDK or using Role Definitions - List REST API
Principal ID is the ID of user, group or app service principal.
Scope in your case is the resource group that you're trying to query role assignments for.
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
edited Jan 3 at 4:38
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
answered Jan 1 at 20:57
Rohit SaigalRohit Saigal
3,6172219
3,6172219
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
add a comment |
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
It works but the response is not so useful. The 'type' field is supposed to be either User, Group or App, but it is always ' type:"Microsoft.Authorization/roleAssignments"'. All the other fields (id, name, principalId, roleDefinitionId and scope) contain UUID. for example:
– Alon
Jan 2 at 13:36
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
id:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleAssignments/c5f2db94-98c3-3671-8092-fc33d8a474d7" name:"c5f2db94-98c3-3671-8092-fc33d8a474d7" principalId:"53a71af7-c241-34e1-b77b-e98151ca6b3f" roleDefinitionId:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98/providers/Microsoft.Authorization/roleDefinitions/b23988ac-5180-32a0-ab88-20f7682dd23c" scope:"/subscriptions/de8abfb7-b22b-3c95-8e00-a1a8219e0d98" type:"Microsoft.Authorization/roleAssignments"
– Alon
Jan 2 at 13:39
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
Using the code I've mentioned or API, you will be getting back a list of role assignments.. if you look at the screenshot from your question, you will see that is the tab you have selected in portal as well.. Now role assignment in itself has 3 parts.. Security Principal (like user, group etc.), what role they have been assigned (role definition id) and the scope at which they have been assigned this role. It's a little subjective, so I'll try to update my answer and give you more info there..
– Rohit Saigal
Jan 3 at 4:16
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53994646%2fget-access-control-list-iam-of-a-resource-group-in-node-js%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
