[Tables] Grant AAD Permissions to Test Role (#16278)

2021-07-07 13:49:44 -07:00 · 2021-07-07 13:49:44 -07:00 · 5674f7b47c
--- a/sdk/tables/test-resources.json
+++ b/sdk/tables/test-resources.json
@ -8,6 +8,12 @@
        "description": "The base resource name."
      }
    },
+    "testApplicationOid": {
+      "type": "string",
+      "metadata": {
+        "description": "The principal to assign the role to. This is application object id."
+      }
+    },
    "tenantId": {
      "type": "string",
      "defaultValue": "72f988bf-86f1-41af-91ab-2d7cd011db47",
@ -25,6 +31,8 @@
  },
  "variables": {
    "storageApiVersion": "2019-06-01",
+    "authorizationApiVersion": "2018-09-01-preview",
+    "blobDataContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3')]",
    "location": "[resourceGroup().location]",
    "accountName": "[parameters('baseName')]",
    "resourceGroupName": "resourceGroup().name",
@ -38,6 +46,15 @@
    }
  },
  "resources": [
+    {
+      "type": "Microsoft.Authorization/roleAssignments",
+      "apiVersion": "[variables('authorizationApiVersion')]",
+      "name": "[guid(concat('tableDataContributorRoleId', resourceGroup().id))]",
+      "properties": {
+        "roleDefinitionId": "[variables('blobDataContributorRoleId')]",
+        "principalId": "[parameters('testApplicationOid')]"
+      }
+    },
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "[variables('storageApiVersion')]",