add azure_rm_roleassginment_facts (#52626)

2026-05-06 13:22:48 +00:00 · 2019-03-21 12:48:55 +08:00
parent f34a43f2c7
commit fb5f85d2c1
2 changed files with 307 additions and 0 deletions
--- a/test/integration/targets/azure_rm_roledefinition/tasks/main.yml
+++ b/test/integration/targets/azure_rm_roledefinition/tasks/main.yml
@@ -2,6 +2,7 @@
  set_fact:
    role_name: "{{ (resource_group | replace('-','x'))[-8:] }}{{ 1000 | random }}testrole"
    subscription_id: "{{ lookup('env','AZURE_SUBSCRIPTION_ID') }}"
+    principal_id: "{{ lookup('env','AZURE_CLIENT_ID') }}"
  run_once: yes

 - name: Create a role definition (Check Mode)
@@ -117,6 +118,62 @@
    that:
      - output.changed

+- name: Get role definition facts
+  azure_rm_roledefinition_facts:
+    role_name: "{{ role_name }}"
+    scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}"
+    type: custom
+  register: roledef
+
+- name: Assert role definition facts
+  assert:
+    that:
+      - roledef['roledefinitions'] | length > 1
+      - roledef['roledefinitions'][0]['id']
+
+- name: Create a role assignment (Check Mode)
+  azure_rm_roleassignment:
+    scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}"
+    assignee_object_id: "{{ principal_id }}"
+    role_definition_id: "{{ roledef['roledefinitions'][0]['id'] }}"
+    check_mode: yes
+  register: output
+
+- name: Assert creating role definition check mode
+  assert:
+    that:
+      - output.changed
+
+- name: Create a role assignment
+  azure_rm_roleassignment:
+    scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}"
+    assignee_object_id: "{{ principal_id }}"
+    role_definition_id: "{{ roledef['roledefinitions'][0]['id'] }}"
+  register: output
+
+- name: Assert creating role definition
+  assert:
+    that:
+      - output.changed
+
+- name: Get facts
+  azure_rm_roleassignment_facts:
+    scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}"
+    assignee: "{{ principal_id }}"
+  register: facts
+
+- name: assert role assignment facts
+  assert:
+    that:
+      - facts['roleassignments'] | length > 1
+      - facts['roleassignments'][0]['id']
+
+- name: delete role assignment
+  azure_rm_roleassignment:
+    name: facts['roleassignments'][0]['id']
+    scope: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resource_group }}"
+    state: absent
+
 - name: Delete the role definition (Check Mode)
  azure_rm_roledefinition:
    name: "{{ role_name }}"