61 lines
1.7 KiB
JSON
61 lines
1.7 KiB
JSON
{
|
|
"principals": {
|
|
"principal1": {
|
|
"principal_name": "sp-app-ops",
|
|
"principal_id": "00000000-0000-0000-0000-000000000011",
|
|
"principal_type": "ServicePrincipal",
|
|
"role_assignments": {
|
|
"subscription": {
|
|
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000",
|
|
"roles": [
|
|
"Reader"
|
|
],
|
|
"delegable_roles": [
|
|
"Reader",
|
|
"Contributor"
|
|
]
|
|
},
|
|
"rg_app": {
|
|
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-app",
|
|
"roles": [
|
|
"Contributor"
|
|
],
|
|
"delegable_roles": [
|
|
"Reader",
|
|
"Contributor"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"principal2": {
|
|
"principal_name": "sg-security-reviewers",
|
|
"principal_id": "00000000-0000-0000-0000-000000000022",
|
|
"principal_type": "Group",
|
|
"role_assignments": {
|
|
"rg_security": {
|
|
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-security",
|
|
"roles": [
|
|
"Owner"
|
|
],
|
|
"restricted_roles": [
|
|
"Owner",
|
|
"User Access Administrator",
|
|
"Role Based Access Control Administrator"
|
|
]
|
|
},
|
|
"rg_logs": {
|
|
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-logs",
|
|
"roles": [
|
|
"Role Based Access Control Administrator"
|
|
],
|
|
"restricted_roles": [
|
|
"Owner",
|
|
"User Access Administrator",
|
|
"Role Based Access Control Administrator"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|