[Role] az role assignment list: Add --fill-role-definition-name

[jiasli]

Related command
az role assignment list

Description
With the ever-increasing number of built-in roles, the list returned by Role Definitions - List API is getting bigger and bigger (#30579), making az role assignment list command slower.

In our test subscription, role_defs at

azure-cli/src/azure-cli/azure/cli/command_modules/role/custom.py

Lines 273 to 274 in 919923c

	role_defs = list(definitions_client.list(
	scope=scope or ('/subscriptions/' + definitions_client._config.subscription_id)))

contains 653 items with the size of 588563 bytes, bloating recording files to megabytes big, exceeding the limit of Git diff.

This PR adds --fill-role-definition-name to allow omitting roleDefinitionName property, similar to #30693.

#30587 uses roleName filter to accelerate az role definition list, but for az role assignment list, this would require making a REST call for each role definition. Giving the user the choice whether to fill roleDefinitionName property is still mandatory.

Testing Guide
Without --fill-role-definition-name false:

> az role assignment list --role Reader --scope /subscriptions/xxx
[
  {
    ...
    "roleDefinitionId": "/subscriptions/xxx/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
    "roleDefinitionName": "Reader",
    ...
  }
]

With --fill-role-definition-name false:

> az role assignment list --role Reader --scope /subscriptions/xxx --fill-role-definition-name false
[
  {
    ...
    "roleDefinitionId": "/subscriptions/0b1f6471-1bf0-4dda-aec3-cb9272f09590/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
    ...
  }
]

History Notes

[Role] az role assignment list: Add --fill-role-definition-name argument. Use --fill-role-definition-name false to omit roleDefinitionName property and bypass the role definitions query

[azure-client-tools-bot-prd]

️✔️AzureCLI-FullTest

️✔️acr

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️acs

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️advisor

️✔️latest

️✔️3.12

️✔️3.9

️✔️ams

️✔️latest

️✔️3.12

️✔️3.9

️✔️apim

️✔️latest

️✔️3.12

️✔️3.9

️✔️appconfig

️✔️latest

️✔️3.12

️✔️3.9

️✔️appservice

️✔️latest

️✔️3.12

️✔️3.9

️✔️aro

️✔️latest

️✔️3.12

️✔️3.9

️✔️backup

️✔️latest

️✔️3.12

️✔️3.9

️✔️batch

️✔️latest

️✔️3.12

️✔️3.9

️✔️batchai

️✔️latest

️✔️3.12

️✔️3.9

️✔️billing

️✔️latest

️✔️3.12

️✔️3.9

️✔️botservice

️✔️latest

️✔️3.12

️✔️3.9

️✔️cdn

️✔️latest

️✔️3.12

️✔️3.9

️✔️cloud

️✔️latest

️✔️3.12

️✔️3.9

️✔️cognitiveservices

️✔️latest

️✔️3.12

️✔️3.9

️✔️compute_recommender

️✔️latest

️✔️3.12

️✔️3.9

️✔️computefleet

️✔️latest

️✔️3.12

️✔️3.9

️✔️config

️✔️latest

️✔️3.12

️✔️3.9

️✔️configure

️✔️latest

️✔️3.12

️✔️3.9

️✔️consumption

️✔️latest

️✔️3.12

️✔️3.9

️✔️container

️✔️latest

️✔️3.12

️✔️3.9

️✔️containerapp

️✔️latest

️✔️3.12

️✔️3.9

️✔️core

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️cosmosdb

️✔️latest

️✔️3.12

️✔️3.9

️✔️databoxedge

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️dls

️✔️latest

️✔️3.12

️✔️3.9

️✔️dms

️✔️latest

️✔️3.12

️✔️3.9

️✔️eventgrid

️✔️latest

️✔️3.12

️✔️3.9

️✔️eventhubs

️✔️latest

️✔️3.12

️✔️3.9

️✔️feedback

️✔️latest

️✔️3.12

️✔️3.9

️✔️find

️✔️latest

️✔️3.12

️✔️3.9

️✔️hdinsight

️✔️latest

️✔️3.12

️✔️3.9

️✔️identity

️✔️latest

️✔️3.12

️✔️3.9

️✔️iot

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️keyvault

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️lab

️✔️latest

️✔️3.12

️✔️3.9

️✔️managedservices

️✔️latest

️✔️3.12

️✔️3.9

️✔️maps

️✔️latest

️✔️3.12

️✔️3.9

️✔️marketplaceordering

️✔️latest

️✔️3.12

️✔️3.9

️✔️monitor

️✔️latest

️✔️3.12

️✔️3.9

️✔️mysql

️✔️latest

️✔️3.12

️✔️3.9

️✔️netappfiles

️✔️latest

️✔️3.12

️✔️3.9

️✔️network

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️policyinsights

️✔️latest

️✔️3.12

️✔️3.9

️✔️privatedns

️✔️latest

️✔️3.12

️✔️3.9

️✔️profile

️✔️latest

️✔️3.12

️✔️3.9

️✔️rdbms

️✔️latest

️✔️3.12

️✔️3.9

️✔️redis

️✔️latest

️✔️3.12

️✔️3.9

️✔️relay

️✔️latest

️✔️3.12

️✔️3.9

️✔️resource

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️role

️✔️latest

️✔️3.12

️✔️3.9

️✔️search

️✔️latest

️✔️3.12

️✔️3.9

️✔️security

️✔️latest

️✔️3.12

️✔️3.9

️✔️servicebus

️✔️latest

️✔️3.12

️✔️3.9

️✔️serviceconnector

️✔️latest

️✔️3.12

️✔️3.9

️✔️servicefabric

️✔️latest

️✔️3.12

️✔️3.9

️✔️signalr

️✔️latest

️✔️3.12

️✔️3.9

️✔️sql

️✔️latest

️✔️3.12

️✔️3.9

️✔️sqlvm

️✔️latest

️✔️3.12

️✔️3.9

️✔️storage

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️synapse

️✔️latest

️✔️3.12

️✔️3.9

️✔️telemetry

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

️✔️util

️✔️latest

️✔️3.12

️✔️3.9

️✔️vm

️✔️2018-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2019-03-01-hybrid

️✔️3.12

️✔️3.9

️✔️2020-09-01-hybrid

️✔️3.12

️✔️3.9

️✔️latest

️✔️3.12

️✔️3.9

[azure-client-tools-bot-prd]

⚠️AzureCLI-BreakingChangeTest

⚠️role

rule	cmd_name	rule_message	suggest_message
⚠️ 1006 - ParaAdd	role assignment list	cmd role assignment list added parameter fill_role_definition_name

[github-actions]

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

[yonzhan]

Thank you for your contribution! We will review the pull request and get back to you soon.

[jiasli]

This recording file previously contains 8 requests with /providers/Microsoft.Authorization/roleDefinitions?api-version=2022-05-01-preview. Now it contains only 4.

[bebound]

az role assignment list saves 0.7second with --fill-role-definition-name false, nice work.

Please fix the PR description, the command name is az role definition instead of az role assignment.

[jiasli]

Please fix the PR description, the command name is az role definition instead of az role assignment.

Nice catch. Fixed.

[jiasli]

--asignee requires Graph query and --assignee-object-id is not supported yet (#30469), so we can only use --scope+atScope() query for now:

azure-cli/src/azure-cli/azure/cli/command_modules/role/custom.py

Lines 582 to 586 in d4147a7

	if scope:
	f = 'atScope()' # atScope() excludes role assignments at subscopes
	if assignee_object_id and include_groups:
	f = f + " and assignedTo('{}')".format(assignee_object_id)
	assignments = list(assignments_client.list_for_scope(scope=scope, filter=f))

This records the subscription assignments, making the recording file big.

Once --assignee-object-id is not supported (#30469), we can switch to

azure-cli/src/azure-cli/azure/cli/command_modules/role/custom.py

Lines 587 to 592 in d4147a7

	elif assignee_object_id:
	if include_groups:
	f = "assignedTo('{}')".format(assignee_object_id)
	else:
	f = "principalId eq '{}'".format(assignee_object_id)
	assignments = list(assignments_client.list_for_subscription(filter=f))