AzRoleAdvertizer

last sync: 2025-Jul-18 17:22:55 UTC

Storage Blob Data Reader

Azure BuiltIn RBAC Role definition

Name

Storage Blob Data Reader
Microsoft Learn

2a2b9908-6ea1-4ae2-8e65-a410df84e7d1

Description

Allows for read access to Azure Storage blob containers and data

Category

Storage
Microsoft Learn

CreatedOn

2017-12-21 00:01:24 UTC

UpdatedOn

2021-11-11 20:13:55 UTC

Permissions summary

Effective control plane and data plane operations: 3 (unique operations)
•action: 1
•read: 2

Actions: 2
Resolved control plane operations from Actions: 2
Effective control plane operations: 2
•action: 1
•read: 1

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16834

DataActions: 1
Resolved data plane operations: 1
Effective data plane operations: 1
•read: 1

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3570

Actions

Operation	Description
Microsoft.Storage/storageAccounts/blobServices/containers/read	Returns list of containers
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action	Returns a user delegation key for the blob service

NotActions

n/a

DataActions

Operation	Description
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read	Returns a blob or a list of blobs

NotDataActions

n/a

Used in
BuiltIn Policy

none

History

none

JSON

api-version=2023-07-01-preview

Condition

none