The roleAssignmentScheduleRequests resource type is an extension resource, which means you can apply it to another resource.
Use the scope
property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.
Valid deployment scopes for the roleAssignmentScheduleRequests resource are:
For a list of changed properties in each API version, see change log.
To create a Microsoft.Authorization/roleAssignmentScheduleRequests resource, add the following JSON to your template.
{
"type": "Microsoft.Authorization/roleAssignmentScheduleRequests",
"apiVersion": "2022-04-01-preview",
"name": "string",
"scope": "string" or "/",
"properties": {
"condition": "string",
"conditionVersion": "string",
"justification": "string",
"linkedRoleEligibilityScheduleId": "string",
"principalId": "string",
"requestType": "string",
"roleDefinitionId": "string",
"scheduleInfo": {
"expiration": {
"duration": "string",
"endDateTime": "string",
"type": "string"
},
"startDateTime": "string"
},
"targetRoleAssignmentScheduleId": "string",
"targetRoleAssignmentScheduleInstanceId": "string",
"ticketInfo": {
"ticketNumber": "string",
"ticketSystem": "string"
}
}
}
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.Authorization/roleAssignmentScheduleRequests' |
apiVersion | The resource api version | '2022-04-01-preview' |
name | The resource name | string (required) |
scope | Use when creating an extension resource at a scope that is different than the deployment scope. | Target resource For JSON, set the value to the full name of the resource to apply the extension resource to. This resource type can also be applied to a tenant. For JSON, use "/" . |
properties | Role assignment schedule request properties. | RoleAssignmentScheduleRequestProperties |
Name | Description | Value |
---|---|---|
condition | The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container' | string |
conditionVersion | Version of the condition. Currently accepted value is '2.0' | string |
justification | Justification for the role assignment | string |
linkedRoleEligibilityScheduleId | The linked role eligibility schedule id - to activate an eligibility. | string |
principalId | The principal ID. | string (required) |
requestType | The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc | 'AdminAssign' 'AdminExtend' 'AdminRemove' 'AdminRenew' 'AdminUpdate' 'SelfActivate' 'SelfDeactivate' 'SelfExtend' 'SelfRenew' (required) |
roleDefinitionId | The role definition ID. | string (required) |
scheduleInfo | Schedule info of the role assignment schedule | RoleAssignmentScheduleRequestPropertiesScheduleInfo |
targetRoleAssignmentScheduleId | The resultant role assignment schedule id or the role assignment schedule id being updated | string |
targetRoleAssignmentScheduleInstanceId | The role assignment schedule instance id being updated | string |
ticketInfo | Ticket Info of the role assignment | RoleAssignmentScheduleRequestPropertiesTicketInfo |
Name | Description | Value |
---|---|---|
expiration | Expiration of the role assignment schedule | RoleAssignmentScheduleRequestPropertiesScheduleInfoE... |
startDateTime | Start DateTime of the role assignment schedule. | string |
Name | Description | Value |
---|---|---|
duration | Duration of the role assignment schedule in TimeSpan. | string |
endDateTime | End DateTime of the role assignment schedule. | string |
type | Type of the role assignment schedule expiration | 'AfterDateTime' 'AfterDuration' 'NoExpiration' |
Name | Description | Value |
---|---|---|
ticketNumber | Ticket number for the role assignment | string |
ticketSystem | Ticket system name for the role assignment | string |