RoleAssignments
Displays all role assignments configured within the Azure AD environment.
Table Specific Information
Select
Most filters are handled server side, but filtering on the Id field changes the endpoint used to retrieve the data. Id must be specified with an '=' or IN condition.
For example:
SELECT * FROM RoleAssignments WHERE Id = '4yeYchSc90m7G5YI8Va7uM8rSNTfthJJt-QfAs-zqcI-1'
SELECT * FROM RoleAssignments WHERE RoleDefinitionId = '62e90394-69f5-4237-9190-012177145e10'
SELECT * FROM RoleAssignments WHERE PrincipalId = 'e5d250bd-92b4-44b2-b002-bc559f6d79e5'
Columns
Name | Type | Description |
id [KEY] | String | The unique identifier for the role assignment, used to distinguish it within the system. |
condition | String | Specifies the condition under which the role assignment is applicable, often used for conditional access scenarios. |
roleDefinitionId | String | The unique identifier of the role definition linked to this assignment, defining the permissions granted. |
principalId | String | The unique identifier of the principal (user, group, or service principal) assigned this role. |
directoryScopeId | String | The unique identifier for the directory scope in which this role assignment is effective, such as a specific Azure AD object or resource. |
appScopeId | String | The unique identifier for the application scope of the role assignment, typically used for application-specific roles. |
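The following added example (not part of the original documentation) shows one way to review rows returned from this table for privileged assignments that apply tenant-wide. It assumes that a directoryScopeId of "/" denotes tenant-wide scope and that 62e90394-69f5-4237-9190-012177145e10 is the Global Administrator role template; the rows, the other role ID, and the function names are constructed for illustration.

```python
from collections import Counter, defaultdict

# Global Administrator role template ID; also the RoleDefinitionId in the sample query above.
GLOBAL_ADMIN = "62e90394-69f5-4237-9190-012177145e10"
OTHER_ROLE = "role-def-placeholder-0001"  # constructed placeholder, not a real role ID

# Constructed rows using the RoleAssignments column names (not real tenant data).
ROWS = [
    {"id": "assign-0001", "condition": None, "roleDefinitionId": GLOBAL_ADMIN,
     "principalId": "e5d250bd-92b4-44b2-b002-bc559f6d79e5",
     "directoryScopeId": "/", "appScopeId": None},
    {"id": "assign-0002", "condition": None, "roleDefinitionId": OTHER_ROLE,
     "principalId": "principal-placeholder-0002",
     "directoryScopeId": "/administrativeUnits/au-placeholder-0001", "appScopeId": None},
    {"id": "assign-0003", "condition": None, "roleDefinitionId": GLOBAL_ADMIN,
     "principalId": "principal-placeholder-0003",
     "directoryScopeId": "/", "appScopeId": None},
    {"id": "assign-0004", "condition": None, "roleDefinitionId": OTHER_ROLE,
     "principalId": "e5d250bd-92b4-44b2-b002-bc559f6d79e5",
     "directoryScopeId": "/", "appScopeId": None},
]

def scope_kind(row):
    """Classify an assignment as 'app', 'tenant' or 'scoped' from its scope columns."""
    if row.get("appScopeId"):
        return "app"
    # Assumption: "/" means the assignment applies to the whole directory.
    return "tenant" if row.get("directoryScopeId") == "/" else "scoped"

def tenant_wide_holders(rows, watched_roles):
    """Map principalId -> sorted assignment ids for watched roles held tenant-wide."""
    holders = defaultdict(list)
    for row in rows:
        if row["roleDefinitionId"] in watched_roles and scope_kind(row) == "tenant":
            holders[row["principalId"]].append(row["id"])
    return {principal: sorted(ids) for principal, ids in holders.items()}

def scope_summary(rows):
    """Count assignments per scope kind to show how much access is tenant-wide."""
    return dict(Counter(scope_kind(row) for row in rows))

if __name__ == "__main__":
    for principal, ids in tenant_wide_holders(ROWS, {GLOBAL_ADMIN}).items():
        print(principal, ids)
    print(scope_summary(ROWS))
```

Comparing the returned principals against an approved administrator list on a schedule turns the table into a simple drift check for privileged role membership.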