AzPolicyAdvertizer

last sync: 2025-Oct-24 17:23:08 UTC

Allowed Role Definitions

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 486c3b41-81fb-4433-abd0-81167a2762da (1.0.0) to Azure
Display name Allowed Role Definitions
Id 486c3b41-81fb-4433-abd0-81167a2762da
Version 1.0.0
Details on versioning
Category Authorization
Microsoft Learn
Description This policy defines an allow list of role definitions that can be used in IAM
Mode All
Type Custom Community
Effect Default
Audit
Allowed
Deny, Audit, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Authorization/roleAssignments/principalId Microsoft.Authorization roleAssignments properties.principalId True False
Microsoft.Authorization/roleAssignments/roleDefinitionId Microsoft.Authorization roleAssignments properties.roleDefinitionId True False
Rule resource types IF (1)
Microsoft.Authorization/roleAssignments
JSON
EPAC
Deploy policy 486c3b41-81fb-4433-abd0-81167a2762da (1.0.0) to Azure