AzRoleAdvertizer

last sync: 2025-Jul-10 17:22:37 UTC

Microsoft Discovery Platform Contributor (Preview)

Azure BuiltIn RBAC Role definition

NameMicrosoft Discovery Platform Contributor (Preview)
Id01288891-85ee-45a7-b367-9db3b752fc65
DescriptionGrants permissions to view and operate on most Discovery platform resources, including workspaces, supercomputers, storages, agents, bookshelves, data containers, models, tools, workflows, and investigations, as well as perform data plane actions, but does not allow creating, updating, or deleting core resources such as workspaces, supercomputers, storages, bookshelves, node pools, or projects. This role is in preview and subject to change.
CategoryNone
CreatedOn2025-07-01 15:14:22 UTC
UpdatedOn2025-07-01 15:14:22 UTC
Permissions summary Effective control plane and data plane operations: 88 (unique operations)
•action: 10
•delete: 12
•read: 56
•write: 10

Actions: 19
Resolved control plane operations from Actions: 73
Effective control plane operations: 73
•Action: 7
•delete: 8
•read: 50
•write: 8

NotActions: 12
Resolved control plane operations from NotActions: 12
Effective denied control plane operations: 16713

DataActions: 1
Resolved data plane operations: 15
Effective data plane operations: 15
•action: 3
•delete: 4
•read: 6
•write: 2

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3556
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Discovery/agents/*wildcarded / no description
Microsoft.Discovery/bookshelves/readGet a Bookshelf
Microsoft.Discovery/dataContainers/*wildcarded / no description
Microsoft.Discovery/dataContainers/dataAssets/*wildcarded / no description
Microsoft.Discovery/locations/operationStatuses/readread operationStatuses
Microsoft.Discovery/models/*wildcarded / no description
Microsoft.Discovery/operations/readread operations
Microsoft.Discovery/operations/readread operations
Microsoft.Discovery/storages/readGet a Storage
Microsoft.Discovery/supercomputers/nodePools/readGet a NodePool
Microsoft.Discovery/supercomputers/readGet a Supercomputer
Microsoft.Discovery/tools/*wildcarded / no description
Microsoft.Discovery/workflows/*wildcarded / no description
Microsoft.Discovery/workspaces/projects/readGet a Project
Microsoft.Discovery/workspaces/readGet a Workspace
Microsoft.Insights/AlertRules/*wildcarded / no description
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions
Operation Description
Microsoft.Discovery/bookshelves/deleteDelete a Bookshelf
Microsoft.Discovery/bookshelves/writeUpdate a Bookshelf
Microsoft.Discovery/storages/deleteDelete a Storage
Microsoft.Discovery/storages/writeUpdate a Storage
Microsoft.Discovery/supercomputers/deleteDelete a Supercomputer
Microsoft.Discovery/supercomputers/nodePools/deleteDelete a NodePool
Microsoft.Discovery/supercomputers/nodePools/writeUpdate a NodePool
Microsoft.Discovery/supercomputers/writeUpdate a Supercomputer
Microsoft.Discovery/workspaces/deleteDelete a Workspace
Microsoft.Discovery/workspaces/projects/deleteDelete a Project
Microsoft.Discovery/workspaces/projects/writeUpdate a Project
Microsoft.Discovery/workspaces/writeUpdate a Workspace
DataActions
Operation Description
Microsoft.Discovery/*wildcarded / no description
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2025-07-01 17:22:32 add: Role 01288891-85ee-45a7-b367-9db3b752fc65
JSON
api-version=2023-07-01-preview
Condition none