Prerequisites for Azure role assignment conditions
To add or edit Azure role assignment conditions, you must have the following prerequisites.
For conditions that use blob index tags, you must use a storage account that is compatible with the blob index feature. For example, only General Purpose v2 (GPv2) storage accounts with hierarchical namespace (HNS) disabled are currently supported. For more information, see Manage and find Azure Blob data with blob index tags
When using Azure PowerShell to add or update conditions, you must use the following versions:
- Az module 5.5.0 or later
- Az.Resources module 3.2.1 or later
- Included with Az module v5.5.0 and later, but can be manually installed through PowerShell Gallery
- Az.Storage preview module 2.5.2-preview or later
When using Azure CLI to add or update conditions, you must use the following versions:
When using the REST API to add or update conditions, you must use the following versions:
2020-04-01-previewor later if you want to utilize the
descriptionproperty for role assignments
2022-04-01is the first stable version
For more information, see API versions of Azure RBAC REST APIs.
Just like role assignments, to add or update conditions, you must be signed in to Azure with a user that has the
Microsoft.Authorization/roleAssignments/delete permissions, such as User Access Administrator or Owner.