roleassignments

Role assignments refer to the mappings that connect a principal, such as a user, group, service account, or application, to a role within a defined scope. A role is a collection of permissions that permit specific actions on resources. An assignment grants those permissions by associating a principal with a role at a particular scope, such as a project, resource group, database, or individual resource. Scopes can be nested, allowing permissions to propagate to sub-scopes unless overridden, and assignments can be revoked or modified to adjust access.

As a core mechanism of role-based access control (RBAC), role assignments support least-privilege access by ensuring

Applications across platforms share the same principle. In cloud environments, a role assignment binds an identity