From 2e23ce167f9c8014872cb8a8758abc2ecc2843dd Mon Sep 17 00:00:00 2001
From: Michele Cereda <cereda.michele@gmail.com>
Date: Wed, 29 Nov 2023 19:02:47 +0100
Subject: [PATCH] chore: role definition-related cli command examples

---
 knowledge base/azure/cli.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/knowledge base/azure/cli.md b/knowledge base/azure/cli.md
index be5a03d..054eba5 100644
--- a/knowledge base/azure/cli.md	
+++ b/knowledge base/azure/cli.md	
@@ -98,6 +98,26 @@ az account list-locations -o 'table'
 az account get-access-token
 az account get-access-token --query 'accessToken' -o 'tsv'
 
+# List and show role definitions.
+az role definition list --name 'role_display_name'
+az role definition list -g 'resource_group_name' --custom-role-only true
+
+# Create role definitions.
+az role definition create --role-definition 'full_json_definition'
+
+# Update role definitions.
+az role definition update --role-definition 'full_json_definition'
+az role definition update --role-definition <( \
+  az role definition list -g 'resource_group_name' --name 'role_display_name' \
+  | jq -Mc '
+    .[] | .assignableScopes += [
+      "/subscription/subscription_id/resourceGroups/resource_group_name"
+    ] ' - \
+)
+
+# Delete role definitions.
+az role definition delete --name 'role_display_name'
+
 # List role assignments.
 az role assignment list
 az role assignment list --all