AzRoleAdvertizer

last sync: 2024-Jul-26 18:17:46 UTC

Storage Blob Data Reader

Azure BuiltIn RBAC Role definition

Name

Storage Blob Data Reader

2a2b9908-6ea1-4ae2-8e65-a410df84e7d1

Description

Allows for read access to Azure Storage blob containers and data

CreatedOn

2017-12-21 00:01:24 UTC

UpdatedOn

2021-11-11 20:13:55 UTC

History

none

Permissions summary

Effective control plane and data plane operations: 3 (unique operations)
•action: 1
•read: 2

Actions: 2
Resolved control plane operations from Actions: 2
Effective control plane operations: 2
•action: 1
•read: 1

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15626

DataActions: 1
Resolved data plane operations: 1
Effective data plane operations: 1
•read: 1

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3218

Actions

Operation	Description
Microsoft.Storage/storageAccounts/blobServices/containers/read	Returns list of containers
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action	Returns a user delegation key for the blob service

NotActions

n/a

DataActions

Operation	Description
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read	Returns a blob or a list of blobs

NotDataActions

n/a

Used in
BuiltIn Policy

none

JSON

api-version=2023-07-01-preview

Condition

none