az cosmosdb sql role assignment
Manage Azure Cosmos DB SQL role assignments.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az cosmosdb sql role assignment create |
Create a SQL role assignment under an Azure Cosmos DB account. |
Core | GA |
| az cosmosdb sql role assignment delete |
Delete a SQL role assignment under an Azure Cosmos DB account. |
Core | GA |
| az cosmosdb sql role assignment exists |
Check if an Azure Cosmos DB role assignment exists. |
Core | GA |
| az cosmosdb sql role assignment list |
List all SQL role assignments under an Azure Cosmos DB account. |
Core | GA |
| az cosmosdb sql role assignment show |
Show the properties of a SQL role assignment under an Azure Cosmos DB account. |
Core | GA |
| az cosmosdb sql role assignment update |
Update a SQL role assignment under an Azure Cosmos DB account. |
Core | GA |
| az cosmosdb sql role assignment wait |
Poll on a SQL role assignment until a specific condition is met. |
Core | GA |
az cosmosdb sql role assignment create
Create a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment create --account-name
--principal-id
--resource-group
--scope
[--no-wait]
[--role-assignment-id]
[--role-definition-id]
[--role-definition-name]Examples
Create a SQL role assignment under an Azure Cosmos DB account using Role Definition Name.
az cosmosdb sql role assignment create --account-name MyAccount --resource-group MyResourceGroup \
--role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8 \
--role-definition-name "My Read Only Role" \
--scope "/dbs/mydb/colls/mycontainer" \
--principal-id 6328f5f7-dbf7-4244-bba8-fbb9d8066506Create a SQL role assignment under an Azure Cosmos DB account using Role Definition ID.
az cosmosdb sql role assignment create --account-name MyAccount --resource-group MyResourceGroup \
--role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8 \
--role-definition-id be79875a-2cc4-40d5-8958-566017875b39 \
--scope "/dbs/mydb/colls/mycontainer" \
--principal-id 6328f5f7-dbf7-4244-bba8-fbb9d8066506Required Parameters
Cosmosdb account name.
AAD Object ID of the principal to which this Role Assignment is being granted.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Data plane resource path at which this Role Assignment is being granted.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Default value: | False |
Optional for Create. Unique ID for the Role Assignment. If not provided, a new GUID will be used.
Unique ID of the Role Definition that this Role Assignment refers to.
Unique Name of the Role Definition that this Role Assignment refers to. Eg. 'Contoso Reader Role'.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az cosmosdb sql role assignment delete
Delete a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment delete --account-name
--resource-group
--role-assignment-id
[--no-wait]
[--yes]Examples
Delete a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment delete --account-name MyAccount --resource-group MyResourceGroup --role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8Required Parameters
Cosmosdb account name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional for Create. Unique ID for the Role Assignment. If not provided, a new GUID will be used.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Default value: | False |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az cosmosdb sql role assignment exists
Check if an Azure Cosmos DB role assignment exists.
az cosmosdb sql role assignment exists --account-name
--resource-group
--role-assignment-idExamples
Check if an Azure Cosmos DB role assignment exists.
az cosmosdb sql role assignment exists --account-name MyAccount --resource-group MyResourceGroup --role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8Required Parameters
Cosmosdb account name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional for Create. Unique ID for the Role Assignment. If not provided, a new GUID will be used.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az cosmosdb sql role assignment list
List all SQL role assignments under an Azure Cosmos DB account.
az cosmosdb sql role assignment list --account-name
--resource-groupExamples
List all SQL role assignments under an Azure Cosmos DB account.
az cosmosdb sql role assignment list --account-name MyAccount --resource-group MyResourceGroupRequired Parameters
Cosmosdb account name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az cosmosdb sql role assignment show
Show the properties of a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment show --account-name
--resource-group
--role-assignment-idExamples
Show the properties of a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment show --account-name MyAccount --resource-group MyResourceGroup --role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8Required Parameters
Cosmosdb account name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional for Create. Unique ID for the Role Assignment. If not provided, a new GUID will be used.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az cosmosdb sql role assignment update
Update a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment update --account-name
--resource-group
--role-assignment-id
[--no-wait]
[--principal-id]
[--role-definition-id]
[--role-definition-name]
[--scope]Examples
Update a SQL role assignment under an Azure Cosmos DB account.
az cosmosdb sql role assignment update --account-name MyAccount --resource-group MyResourceGroup \
--role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8 \
--role-definition-id updated-role-definition-idRequired Parameters
Cosmosdb account name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional for Create. Unique ID for the Role Assignment. If not provided, a new GUID will be used.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Default value: | False |
AAD Object ID of the principal to which this Role Assignment is being granted.
Unique ID of the Role Definition that this Role Assignment refers to.
Unique Name of the Role Definition that this Role Assignment refers to. Eg. 'Contoso Reader Role'.
Data plane resource path at which this Role Assignment is being granted.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az cosmosdb sql role assignment wait
Poll on a SQL role assignment until a specific condition is met.
az cosmosdb sql role assignment wait --account-name
--resource-group
--role-assignment-id
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--timeout]
[--updated]Examples
Poll on a SQL role assignment until it is deleted.
az cosmosdb sql role assignment wait --account-name MyAccount --resource-group MyResourceGroup --role-assignment-id cb8ed2d7-2371-4e3c-bd31-6cc1560e84f8 --deletedRequired Parameters
Cosmosdb account name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional for Create. Unique ID for the Role Assignment. If not provided, a new GUID will be used.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Wait until created with 'provisioningState' at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
Wait until deleted.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the resource exists.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Polling interval in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 30 |
Maximum wait in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 3600 |
Wait until updated with provisioningState at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
