Use this data source to access the properties of a built-in Role Definition. To access information about a custom Role Definition, please see the azurerm_role_definition data source instead.
data "azurerm_builtin_role_definition" "contributor" {
name = "Contributor"
}
output "contributor_role_definition_id" {
value = "${data.azurerm_builtin_role_definition.contributor.id}"
}
name - (Required) Specifies the name of the built-in Role Definition. Possible values are: Contributor, Owner, Reader and VirtualMachineContributor. id - the ID of the built-in Role Definition. description - the Description of the built-in Role. type - the Type of the Role. permissions - a permissions block as documented below. assignable_scopes - One or more assignable scopes for this Role Definition, such as /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM. A permissions block contains:
actions - a list of actions supported by this role not_actions - a list of actions which are denied by this role
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/azurerm/d/builtin_role_definition.html