Use this data source to access the properties of a built-in Role Definition. To access information about a custom Role Definition, please see the azurerm_role_definition
data source instead.
data "azurerm_builtin_role_definition" "contributor" { name = "Contributor" } output "contributor_role_definition_id" { value = "${data.azurerm_builtin_role_definition.contributor.id}" }
name
- (Required) Specifies the name of the built-in Role Definition. Possible values are: Contributor
, Owner
, Reader
and VirtualMachineContributor
. id
- the ID of the built-in Role Definition. description
- the Description of the built-in Role. type
- the Type of the Role. permissions
- a permissions
block as documented below. assignable_scopes
- One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333
, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup
, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM
. A permissions
block contains:
actions
- a list of actions supported by this role not_actions
- a list of actions which are denied by this role
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/azurerm/d/builtin_role_definition.html