/// <summary>
 /// Creates or updates a role definition.
 /// </summary>
 /// <param name='operations'>
 /// Reference to the
 /// Microsoft.Azure.Management.Authorization.IRoleDefinitionOperations.
 /// </param>
 /// <param name='roleDefinitionId'>
 /// Required. Role definition id.
 /// </param>
 /// <param name='scope'>
 /// Required. Scope
 /// </param>
 /// <param name='parameters'>
 /// Required. Role definition.
 /// </param>
 /// <returns>
 /// Role definition create or update operation result.
 /// </returns>
 public static RoleDefinitionCreateOrUpdateResult CreateOrUpdate(this IRoleDefinitionOperations operations, Guid roleDefinitionId, string scope, RoleDefinitionCreateOrUpdateParameters parameters)
 {
     return Task.Factory.StartNew((object s) => 
     {
         return ((IRoleDefinitionOperations)s).CreateOrUpdateAsync(roleDefinitionId, scope, parameters);
     }
     , operations, CancellationToken.None, TaskCreationOptions.None, TaskScheduler.Default).Unwrap().GetAwaiter().GetResult();
 }
 /// <summary>
 /// Creates or updates a role definition.
 /// </summary>
 /// <param name='operations'>
 /// Reference to the
 /// Microsoft.Azure.Management.Authorization.IRoleDefinitionOperations.
 /// </param>
 /// <param name='roleDefinitionId'>
 /// Required. Role definition id.
 /// </param>
 /// <param name='scope'>
 /// Required. Scope
 /// </param>
 /// <param name='parameters'>
 /// Required. Role definition.
 /// </param>
 /// <returns>
 /// Role definition create or update operation result.
 /// </returns>
 public static Task<RoleDefinitionCreateOrUpdateResult> CreateOrUpdateAsync(this IRoleDefinitionOperations operations, Guid roleDefinitionId, string scope, RoleDefinitionCreateOrUpdateParameters parameters)
 {
     return operations.CreateOrUpdateAsync(roleDefinitionId, scope, parameters, CancellationToken.None);
 }
        private PSRoleDefinition CreateOrUpdateRoleDefinition(Guid roleDefinitionId, PSRoleDefinition roleDefinition)
        {
            RoleDefinitionCreateOrUpdateParameters parameters = new RoleDefinitionCreateOrUpdateParameters()
            {
                RoleDefinition = new RoleDefinition()
                {
                    Name = roleDefinitionId,
                    Properties = new RoleDefinitionProperties()
                    {
                        AssignableScopes = roleDefinition.AssignableScopes,
                        Description = roleDefinition.Description,
                        Permissions = new List<Permission>()
                        {
                            new Permission()
                            {
                                Actions = roleDefinition.Actions,
                                NotActions = roleDefinition.NotActions
                            }
                        },
                        RoleName = roleDefinition.Name,
                        Type = "CustomRole"
                    }
                }
            };

            PSRoleDefinition roleDef = null;
            try
            {
                roleDef = AuthorizationManagementClient.RoleDefinitions.CreateOrUpdate(roleDefinitionId, roleDefinition.AssignableScopes.First(), parameters).RoleDefinition.ToPSRoleDefinition();
            }
            catch (CloudException ce)
            {
                if (ce.Response.StatusCode == HttpStatusCode.Unauthorized && ce.Error.Code.Equals("TenantNotAllowed", StringComparison.InvariantCultureIgnoreCase))
                {
                    throw new InvalidOperationException("The tenant is not currently authorized to create/update Custom role definition. Please refer to http://aka.ms/customrolespreview for more details");
                }

                throw;
            }

            return roleDef;
        }