Active Directory Unified Role Definition

Docs > DDSQL Reference > Data Directory > Active Directory Unified Role Definition

This table represents the Active Directory Unified Role Definition resource from Microsoft Azure.

azure.ad_unified_role_definition

Fields

ID	Type	Data Type	Description
_key	core	string
description	core	string	The description for the unifiedRoleDefinition. Read-only when isBuiltIn is true.
id	core	string	The unique identifier for an entity. Read-only.
inherits_permissions_from	core	json	Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles (isBuiltIn is true) support this attribute. Supports $expand.
is_built_in	core	bool	Flag indicating whether the role definition is part of the default set included in Microsoft Entra or a custom definition. Read-only. Supports $filter (eq, in).
is_enabled	core	bool	Flag indicating whether the role is enabled for assignment. If false the role is not available for assignment. Read-only when isBuiltIn is true.
name	core	string
resource_group	core	string
resource_scopes	core	array<string>	List of the scopes or permissions the role definition applies to. Currently only / is supported. Read-only when isBuiltIn is true. DO NOT USE. This will be deprecated soon. Attach scope to role assignment.
role_permissions	core	json	List of permissions included in the role. Read-only when isBuiltIn is true. Required.
subscription_id	core	string
subscription_name	core	string
tags	core	hstore
template_id	core	string	Custom template identifier that can be set when isBuiltIn is false but is read-only when isBuiltIn is true. This identifier is typically used if one needs an identifier to be the same across different directories.
version	core	string	Indicates version of the role definition. Read-only when isBuiltIn is true.