AzRoleAdvertizer

last sync: 2024-Apr-22 16:33:19 UTC

DevCenter Project Admin

Azure BuiltIn RBAC Role definition

NameDevCenter Project Admin
Id331c37c6-af14-46d9-b9f4-e1909e1b95a0
DescriptionProvides access to manage project resources.
CreatedOn2022-04-01 01:58:38 UTC
UpdatedOn2023-10-17 15:25:28 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2023-10-17 16:35:42 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminActionRead/action; add Microsoft.DevCenter/projects/users/environments/adminActionManage/action; add Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action'
2023-06-26 17:52:14 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/devboxes/userActionRead/action; add Microsoft.DevCenter/projects/users/devboxes/userActionManage/action'
2023-06-19 17:44:59 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminWrite/action'
2023-06-09 17:46:24 change: Actions, NotActions, DataActions Actions: 'remove Microsoft.Fidalgo/projects/*',
NotActions: 'remove Microsoft.Fidalgo/projects/write; remove Microsoft.Fidalgo/projects/delete',
DataActions: 'remove Microsoft.Fidalgo/projects/users/virtualMachines/adminStart/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminStop/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminRead/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminWrite/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminDelete/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userStop/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userStart/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userGetRdpFileContent/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userRead/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userWrite/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userDelete/action'
2022-10-12 16:34:55 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminDelete/action'
2022-09-27 16:35:31 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminRead/action; add Microsoft.DevCenter/projects/users/environments/userWrite/action; add Microsoft.DevCenter/projects/users/environments/userDelete/action; add Microsoft.DevCenter/projects/users/environments/adminAction/action'
2022-07-25 16:32:45 change: Actions, NotActions, DataActions Actions: 'add Microsoft.DevCenter/projects/*',
NotActions: 'add Microsoft.DevCenter/projects/write; add Microsoft.DevCenter/projects/delete',
DataActions: 'add Microsoft.DevCenter/projects/users/devboxes/adminStart/action; add Microsoft.DevCenter/projects/users/devboxes/adminStop/action; add Microsoft.DevCenter/projects/users/devboxes/adminRead/action; add Microsoft.DevCenter/projects/users/devboxes/adminWrite/action; add Microsoft.DevCenter/projects/users/devboxes/adminDelete/action; add Microsoft.DevCenter/projects/users/devboxes/userStop/action; add Microsoft.DevCenter/projects/users/devboxes/userStart/action; add Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action; add Microsoft.DevCenter/projects/users/devboxes/userRead/action; add Microsoft.DevCenter/projects/users/devboxes/userWrite/action; add Microsoft.DevCenter/projects/users/devboxes/userDelete/action'
2022-04-01 20:29:16 add: Role 331c37c6-af14-46d9-b9f4-e1909e1b95a0
Permissions summary Effective control plane and data plane operations: 73 (unique operations)
•action: 27
•delete: 4
•read: 38
•write: 4

Actions: 4
Resolved control plane operations from Actions: 53
Effective control plane operations: 51
•action: 5
•delete: 4
•read: 38
•write: 4

NotActions: 2
Resolved control plane operations from NotActions: 2
Effective denied control plane operations: 15323

DataActions: 22
Resolved data plane operations: 22
Effective data plane operations: 22
•action: 22

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3098
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.DevCenter/projects/*wildcarded / no description
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions
Operation Description
Microsoft.DevCenter/projects/deleteDeletes a project resource.
Microsoft.DevCenter/projects/writePartially updates a project.
DataActions
Operation Description
Microsoft.DevCenter/projects/users/devboxes/adminDelete/actionAllows a user to delete any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminRead/actionAllows a user read access to any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminStart/actionAllows a user to start any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminStop/actionAllows a user to stop any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminWrite/actionAllows a user write access to any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/userActionManage/actionAllows a user to skip or delay dev box actions.
Microsoft.DevCenter/projects/users/devboxes/userActionRead/actionAllows a user to read dev box actions.
Microsoft.DevCenter/projects/users/devboxes/userDelete/actionAllows a user to delete their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/actionAllows a user to get the RDP connection information for their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userRead/actionAllows a user to read their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userStart/actionAllows a user to start their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userStop/actionAllows a user to stop their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userWrite/actionAllows a user to create and update their own Dev Box resources.
Microsoft.DevCenter/projects/users/environments/adminAction/actionAllows a project administrator to perform an action on all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/adminActionManage/actionAllows an admin to skip, delay etc. environment actions.
Microsoft.DevCenter/projects/users/environments/adminActionRead/actionAllows an admin to read environment actions.
Microsoft.DevCenter/projects/users/environments/adminDelete/actionAllows a project administrator to delete all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/adminOutputsRead/actionAllows an admin to read Output values from environment deployment.
Microsoft.DevCenter/projects/users/environments/adminRead/actionAllows a project administrator to read all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/adminWrite/actionAllows a project administrator to write all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/userDelete/actionAllows a user to delete the environments they have access to in a project.
Microsoft.DevCenter/projects/users/environments/userWrite/actionAllows a user to write the environments they have access to in a project.
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2022-05-01-preview
Condition none