How to find all the Azure Built-In Roles for Azure RBAC with Azure CLI, PowerShell, Docs, or AzAdvertizer
1 min read
Here are a bunch of ways you can find which roles are built into Azure. This will come in super handy when you need to assign a role to a service principal or user with Azure CLI commands like this:
az role assignment create --assignee 3db3ad97-06be-4c28-aa96-f1bac93aeed3 --role "Azure Maps Data Reader"
```markdown
## Azure CLI
1. Query the big honking json
```bash
az role definition list
```text
1. Query all, but only return Name and Id in a nice table
```bash
az role definition list --query "sort_by([].{Name:roleName,Id:name}, &Name)" --output table
```text
1. Filter by name contains:
This one filters for roles with “Map” in the name:
```bash
az role definition list --query "sort_by([?contains(roleName, 'Map')].{Name:roleName,Id:name}, &Name)" --output table
```markdown
## Azure PowerShell
[https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azroledefinition?view=azps-3.8.0](https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azroledefinition?view=azps-3.8.0)
```powershell
Get-AzRoleDefinitionDocs
This page has all the built in roles: https://docs.microsoft.com/azure/role-based-access-control/built-in-roles
AzAdvertizer
Just found this site today by Julian Hayward. It’s a great way to find roles
https://www.azadvertizer.net/azrolesadvertizer_all.html
Share: