/// <summary>
/// Creates or updates a role definition.
/// </summary>
/// <param name='operations'>
/// Reference to the
/// Microsoft.Azure.Management.Authorization.IRoleDefinitionOperations.
/// </param>
/// <param name='roleDefinitionId'>
/// Required. Role definition id.
/// </param>
/// <param name='scope'>
/// Required. Scope
/// </param>
/// <param name='parameters'>
/// Required. Role definition.
/// </param>
/// <returns>
/// Role definition create or update operation result.
/// </returns>
public static RoleDefinitionCreateOrUpdateResult CreateOrUpdate(this IRoleDefinitionOperations operations, Guid roleDefinitionId, string scope, RoleDefinitionCreateOrUpdateParameters parameters)
{
return Task.Factory.StartNew((object s) =>
{
return ((IRoleDefinitionOperations)s).CreateOrUpdateAsync(roleDefinitionId, scope, parameters);
}
, operations, CancellationToken.None, TaskCreationOptions.None, TaskScheduler.Default).Unwrap().GetAwaiter().GetResult();
}
/// <summary>
/// Creates or updates a role definition.
/// </summary>
/// <param name='operations'>
/// Reference to the
/// Microsoft.Azure.Management.Authorization.IRoleDefinitionOperations.
/// </param>
/// <param name='roleDefinitionId'>
/// Required. Role definition id.
/// </param>
/// <param name='scope'>
/// Required. Scope
/// </param>
/// <param name='parameters'>
/// Required. Role definition.
/// </param>
/// <returns>
/// Role definition create or update operation result.
/// </returns>
public static Task<RoleDefinitionCreateOrUpdateResult> CreateOrUpdateAsync(this IRoleDefinitionOperations operations, Guid roleDefinitionId, string scope, RoleDefinitionCreateOrUpdateParameters parameters)
{
return operations.CreateOrUpdateAsync(roleDefinitionId, scope, parameters, CancellationToken.None);
}
private PSRoleDefinition CreateOrUpdateRoleDefinition(Guid roleDefinitionId, PSRoleDefinition roleDefinition)
{
RoleDefinitionCreateOrUpdateParameters parameters = new RoleDefinitionCreateOrUpdateParameters()
{
RoleDefinition = new RoleDefinition()
{
Name = roleDefinitionId,
Properties = new RoleDefinitionProperties()
{
AssignableScopes = roleDefinition.AssignableScopes,
Description = roleDefinition.Description,
Permissions = new List<Permission>()
{
new Permission()
{
Actions = roleDefinition.Actions,
NotActions = roleDefinition.NotActions
}
},
RoleName = roleDefinition.Name,
Type = "CustomRole"
}
}
};
PSRoleDefinition roleDef = null;
try
{
roleDef = AuthorizationManagementClient.RoleDefinitions.CreateOrUpdate(roleDefinitionId, roleDefinition.AssignableScopes.First(), parameters).RoleDefinition.ToPSRoleDefinition();
}
catch (CloudException ce)
{
if (ce.Response.StatusCode == HttpStatusCode.Unauthorized && ce.Error.Code.Equals("TenantNotAllowed", StringComparison.InvariantCultureIgnoreCase))
{
throw new InvalidOperationException("The tenant is not currently authorized to create/update Custom role definition. Please refer to http://aka.ms/customrolespreview for more details");
}
throw;
}
return roleDef;
}
