last sync: 2025-Sep-18 17:22:45 UTC

Managed HSM contributor

Azure BuiltIn RBAC Role definition

NameManaged HSM contributor
Microsoft Learn
Id18500a29-7fe2-46b2-a342-b16a415e101d
DescriptionLets you manage managed HSM pools, but not access to them.
CategorySecurity
Microsoft Learn
CreatedOn2020-09-16 21:47:01 UTC
UpdatedOn2022-03-08 00:35:44 UTC
Permissions summary Effective control plane and data plane operations: 23 (unique operations)
•action: 3
•delete: 3
•read: 12
•write: 5

Actions: 5
Resolved control plane operations from Actions: 23
Effective control plane operations: 23
•action: 3
•delete: 3
•read: 12
•write: 5

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 17158

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 4064
Actions
Operation Description
Microsoft.KeyVault/deletedManagedHsms/readView the properties of a deleted managed hsm
Microsoft.KeyVault/locations/deletedManagedHsms/purge/actionPurge a soft deleted managed hsm
Microsoft.KeyVault/locations/deletedManagedHsms/readView the properties of a deleted managed hsm
Microsoft.KeyVault/locations/managedHsmOperationResults/readCheck the result of a long run operation
Microsoft.KeyVault/managedHSMs/*wildcarded / no description
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
Loading extensions...
Rows: 1-2 / 2
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Policy DisplayName Policy Id Category State
[Preview]: Configure Azure Key Vault Managed HSM to disable public network access 84d327c3-164a-4685-b453-900478614456 Key Vault Preview
[Preview]: Configure Azure Key Vault Managed HSM with private endpoints d1d6d8bb-cc7c-420f-8c7d-6f6f5279a844 Key Vault Preview
History
Date/Time (UTC ymd) (i) Change Change detail
2022-03-08 17:46:41 change: Actions Actions: 'add Microsoft.KeyVault/deletedManagedHsms/read; add Microsoft.KeyVault/locations/deletedManagedHsms/read; add Microsoft.KeyVault/locations/deletedManagedHsms/purge/action; add Microsoft.KeyVault/locations/managedHsmOperationResults/read'
2020-09-17 14:31:34 add: Role 18500a29-7fe2-46b2-a342-b16a415e101d
JSON
api-version=2023-07-01-preview
{9 items
  • roleName: "Managed HSM contributor",
  • type: "BuiltInRole",
  • description: "Lets you manage managed HSM pools, but not access to them.",
  • assignableScopes: [1 item
    • "/"
    ],
  • permissions: [1 item
    • {4 items
      • actions: [5 items
        • "Microsoft.KeyVault/managedHSMs/*",
        • "Microsoft.KeyVault/deletedManagedHsms/read",
        • "Microsoft.KeyVault/locations/deletedManagedHsms/read",
        • "Microsoft.KeyVault/locations/deletedManagedHsms/purge/action",
        • "Microsoft.KeyVault/locations/managedHsmOperationResults/read"
        ],
      • notActions: [],
      • dataActions: [],
      • notDataActions: []
      }
    ],
  • createdOn: "2020-09-16T21:47:01.1291104Z",
  • updatedOn: "2022-03-08T00:35:44.4196909Z",
  • createdBy: null,
  • updatedBy: null
}
Condition none