last sync: 2025-Jul-16 17:22:33 UTC

DevCenter Owner

Azure BuiltIn RBAC Role definition

NameDevCenter Owner
Id4c6569b6-f23e-4295-9b90-bd4cc4ff3292
DescriptionProvides access to manage all Microsoft.DevCenter resources, and to manage access to Microsoft.DevCenter resources by adding or removing role assignments for the DevCenter Project Admin and DevCenter Dev Box roles.
CategoryNone
CreatedOn2025-06-16 15:06:49 UTC
UpdatedOn2025-07-03 17:24:32 UTC
Permissions summary Effective control plane and data plane operations: 124 (unique operations)
•action: 26
•delete: 15
•read: 67
•write: 16

Actions: 6
Resolved control plane operations from Actions: 124
Effective control plane operations: 124
•action: 26
•delete: 15
•read: 67
•write: 16

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16702

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3571
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Authorization/roleAssignments/delete conditionedDelete a role assignment at the specified scope.
Microsoft.Authorization/roleAssignments/write conditionedCreate a role assignment at the specified scope.
Microsoft.DevCenter/*wildcarded / no description
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
none
History
Date/Time (UTC ymd) (i) Change Change detail
2025-07-04 17:23:19 change: Actions Actions: 'add Microsoft.Authorization/roleAssignments/write; add Microsoft.Authorization/roleAssignments/delete'
2025-06-16 17:23:05 add: Role 4c6569b6-f23e-4295-9b90-bd4cc4ff3292
JSON
api-version=2023-07-01-preview
Condition

    (
        (
            !
            (
                ActionMatches {
                'Microsoft.Authorization/roleAssignments/write'
                }
            )
        )
        OR
        (
            @Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {
            331c37c6-af14-46d9-b9f4-e1909e1b95a0 (DevCenter Project Admin),
            45d50f46-0b78-4001-a660-4198cbe8cd05 (DevCenter Dev Box User)
            }
        )
    )
    AND
    (
        (
            !
            (
                ActionMatches {
                'Microsoft.Authorization/roleAssignments/delete'
                }
            )
        )
        OR
        (
            @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals {
            331c37c6-af14-46d9-b9f4-e1909e1b95a0 (DevCenter Project Admin),
            45d50f46-0b78-4001-a660-4198cbe8cd05 (DevCenter Dev Box User)
            }
        )
    )