AzRoleAdvertizer

last sync: 2025-Apr-29 17:15:48 UTC

DevCenter Project Admin

Azure BuiltIn RBAC Role definition

NameDevCenter Project Admin
Microsoft Learn
Id331c37c6-af14-46d9-b9f4-e1909e1b95a0
DescriptionProvides access to manage project resources.
CategoryDevOps
Microsoft Learn
CreatedOn2022-03-31 23:57:37 UTC
UpdatedOn2024-08-09 20:43:04 UTC
Permissions summary Effective control plane and data plane operations: 95 (unique operations)
•action: 38
•delete: 5
•read: 47
•write: 5

Actions: 4
Resolved control plane operations from Actions: 74
Effective control plane operations: 72
•action: 15
•delete: 5
•read: 47
•write: 5

NotActions: 2
Resolved control plane operations from NotActions: 2
Effective denied control plane operations: 16418

DataActions: 23
Resolved data plane operations: 23
Effective data plane operations: 23
•action: 23

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3348
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.DevCenter/projects/*wildcarded / no description
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions
Operation Description
Microsoft.DevCenter/projects/deleteDeletes a project resource.
Microsoft.DevCenter/projects/writePartially updates a project.
DataActions
Operation Description
Microsoft.DevCenter/projects/users/devboxes/adminDelete/actionAllows a user to delete any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminRead/actionAllows a user read access to any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminStart/actionAllows a user to start any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminStop/actionAllows a user to stop any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/adminWrite/actionAllows a user write access to any Dev Box resource.
Microsoft.DevCenter/projects/users/devboxes/userActionManage/actionAllows a user to skip or delay dev box actions.
Microsoft.DevCenter/projects/users/devboxes/userActionRead/actionAllows a user to read dev box actions.
Microsoft.DevCenter/projects/users/devboxes/userCustomize/actionAllows a user to customize their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userDelete/actionAllows a user to delete their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/actionAllows a user to get the RDP connection information for their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userRead/actionAllows a user to read their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userStart/actionAllows a user to start their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userStop/actionAllows a user to stop their own Dev Box resources.
Microsoft.DevCenter/projects/users/devboxes/userWrite/actionAllows a user to create and update their own Dev Box resources.
Microsoft.DevCenter/projects/users/environments/adminAction/actionAllows a project administrator to perform an action on all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/adminActionManage/actionAllows an admin to skip, delay etc. environment actions.
Microsoft.DevCenter/projects/users/environments/adminActionRead/actionAllows an admin to read environment actions.
Microsoft.DevCenter/projects/users/environments/adminDelete/actionAllows a project administrator to delete all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/adminOutputsRead/actionAllows an admin to read Output values from environment deployment.
Microsoft.DevCenter/projects/users/environments/adminRead/actionAllows a project administrator to read all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/adminWrite/actionAllows a project administrator to write all of the environments in a project.
Microsoft.DevCenter/projects/users/environments/userDelete/actionAllows a user to delete the environments they have access to in a project.
Microsoft.DevCenter/projects/users/environments/userWrite/actionAllows a user to write the environments they have access to in a project.
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2024-08-12 18:17:43 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/devboxes/userCustomize/action'
2023-10-17 16:35:42 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminActionRead/action; add Microsoft.DevCenter/projects/users/environments/adminActionManage/action; add Microsoft.DevCenter/projects/users/environments/adminOutputsRead/action'
2023-06-26 17:52:14 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/devboxes/userActionRead/action; add Microsoft.DevCenter/projects/users/devboxes/userActionManage/action'
2023-06-19 17:44:59 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminWrite/action'
2023-06-09 17:46:24 change: Actions, NotActions, DataActions Actions: 'remove Microsoft.Fidalgo/projects/*',
NotActions: 'remove Microsoft.Fidalgo/projects/write; remove Microsoft.Fidalgo/projects/delete',
DataActions: 'remove Microsoft.Fidalgo/projects/users/virtualMachines/adminStart/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminStop/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminRead/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminWrite/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/adminDelete/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userStop/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userStart/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userGetRdpFileContent/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userRead/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userWrite/action; remove Microsoft.Fidalgo/projects/users/virtualMachines/userDelete/action'
2022-10-12 16:34:55 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminDelete/action'
2022-09-27 16:35:31 change: DataActions DataActions: 'add Microsoft.DevCenter/projects/users/environments/adminRead/action; add Microsoft.DevCenter/projects/users/environments/userWrite/action; add Microsoft.DevCenter/projects/users/environments/userDelete/action; add Microsoft.DevCenter/projects/users/environments/adminAction/action'
2022-07-25 16:32:45 change: Actions, NotActions, DataActions Actions: 'add Microsoft.DevCenter/projects/*',
NotActions: 'add Microsoft.DevCenter/projects/write; add Microsoft.DevCenter/projects/delete',
DataActions: 'add Microsoft.DevCenter/projects/users/devboxes/adminStart/action; add Microsoft.DevCenter/projects/users/devboxes/adminStop/action; add Microsoft.DevCenter/projects/users/devboxes/adminRead/action; add Microsoft.DevCenter/projects/users/devboxes/adminWrite/action; add Microsoft.DevCenter/projects/users/devboxes/adminDelete/action; add Microsoft.DevCenter/projects/users/devboxes/userStop/action; add Microsoft.DevCenter/projects/users/devboxes/userStart/action; add Microsoft.DevCenter/projects/users/devboxes/userGetRemoteConnection/action; add Microsoft.DevCenter/projects/users/devboxes/userRead/action; add Microsoft.DevCenter/projects/users/devboxes/userWrite/action; add Microsoft.DevCenter/projects/users/devboxes/userDelete/action'
2022-04-01 20:29:16 add: Role 331c37c6-af14-46d9-b9f4-e1909e1b95a0
JSON
api-version=2023-07-01-preview
Condition none