Az
Role
Advertizer
Show Menu
Hide Menu
Home
Policy
Changes
All
Policy rules
Initiative
Changes
All
Alias
Changes
All
Compliance
aggregated
byPolicy
RBAC Role
Changes
All
ResProvOps
Other
last sync: 2023-Jun-07 17:44:45 UTC
Azure RBAC Role definition
Network Contributor
All Azure RBAC Role definitions
Changes on Azure RBAC Role definitions
Name
Network Contributor
Microsoft docs
Id
4d97b98b-1d4f-4787-a291-c67834d212e7
Description
Lets you manage networks, but not access to them.
CreatedOn
2015-06-02 00:18:27 UTC
UpdatedOn
2021-11-11 20:13:44 UTC
History
none
Actions
Operation
Description
Used in other Roles
Microsoft.Authorization/*/read
no description given
API Management Service Contributor
,
API Management Service Operator Role
,
API Management Service Reader Role
179
,
API Management Service Workspace API Developer
,
API Management Service Workspace API Product Manager
,
API Management Workspace API Developer
,
API Management Workspace API Product Manager
,
API Management Workspace Contributor
,
API Management Workspace Reader
,
Application Group Contributor
,
Application Insights Component Contributor
,
Application Insights Snapshot Debugger
,
Automation Contributor
,
Automation Job Operator
,
Automation Operator
,
Automation Runbook Operator
,
Autonomous Development Platform Data Contributor (Preview)
,
Autonomous Development Platform Data Owner (Preview)
,
Autonomous Development Platform Data Reader (Preview)
,
Avere Contributor
,
Azure Arc Enabled Kubernetes Cluster User Role
,
Azure Arc Kubernetes Admin
,
Azure Arc Kubernetes Cluster Admin
,
Azure Arc Kubernetes Viewer
,
Azure Arc Kubernetes Writer
,
Azure Arc ScVmm Administrator role
,
Azure Arc ScVmm Private Cloud User
,
Azure Arc ScVmm Private Clouds Onboarding
,
Azure Arc ScVmm VM Contributor
,
Azure Arc VMware Administrator role
,
Azure Arc VMware Private Cloud User
,
Azure Arc VMware Private Clouds Onboarding
,
Azure Arc VMware VM Contributor
,
Azure Center for SAP solutions administrator
,
Azure Center for SAP solutions reader
,
Azure Kubernetes Fleet Manager RBAC Admin
,
Azure Kubernetes Fleet Manager RBAC Cluster Admin
,
Azure Kubernetes Fleet Manager RBAC Reader
,
Azure Kubernetes Fleet Manager RBAC Writer
,
Azure Kubernetes Service RBAC Admin
,
Azure Kubernetes Service RBAC Cluster Admin
,
Azure Kubernetes Service RBAC Reader
,
Azure Kubernetes Service RBAC Writer
,
Azure Maps Contributor
,
Azure Sphere Contributor
,
Azure Sphere Publisher
,
Azure Sphere Reader
,
Azure VM Managed identities restore Contributor
,
Backup Contributor
,
Backup Operator
,
Backup Reader
,
Billing Reader
,
BizTalk Contributor
,
Blueprint Contributor
,
Blueprint Operator
,
CDN Endpoint Contributor
,
CDN Endpoint Reader
,
CDN Profile Contributor
,
CDN Profile Reader
,
Chamber Admin
,
Chamber User
,
Classic Network Contributor
,
Classic Storage Account Contributor
,
Classic Virtual Machine Contributor
,
ClearDB MySQL DB Contributor
,
Code Signing Certificate Profile Signer
,
Cognitive Services Contributor
,
Collaborative Data Contributor
,
Collaborative Runtime Operator
,
ContainerApp Reader
,
Cosmos DB Account Reader Role
,
Cosmos DB Operator
,
Data Box Contributor
,
Data Box Reader
,
Data Factory Contributor
,
Data Lake Analytics Developer
,
Deployment Environments User
,
Desktop Virtualization Application Group Contributor
,
Desktop Virtualization Application Group Reader
,
Desktop Virtualization Contributor
,
Desktop Virtualization Host Pool Contributor
,
Desktop Virtualization Host Pool Reader
,
Desktop Virtualization Power On Contributor
,
Desktop Virtualization Power On Off Contributor
,
Desktop Virtualization Reader
,
Desktop Virtualization Session Host Operator
,
Desktop Virtualization User Session Operator
,
Desktop Virtualization Virtual Machine Contributor
,
Desktop Virtualization Workspace Contributor
,
Desktop Virtualization Workspace Reader
,
DevCenter Dev Box User
,
DevCenter Project Admin
,
Device Update Administrator
,
Device Update Content Administrator
,
Device Update Content Reader
,
Device Update Deployments Administrator
,
Device Update Deployments Reader
,
Device Update Reader
,
DevTest Labs User
,
Disk Backup Reader
,
Disk Pool Operator
,
Disk Restore Operator
,
Disk Snapshot Contributor
,
DNS Resolver Contributor
,
DNS Zone Contributor
,
DocumentDB Account Contributor
,
Domain Services Contributor
,
Domain Services Reader
,
Elastic SAN Owner
,
EventGrid Contributor
,
EventGrid Data Sender
,
EventGrid EventSubscription Contributor
,
EventGrid EventSubscription Reader
,
HDInsight Cluster Operator
,
Integration Service Environment Contributor
,
Integration Service Environment Developer
,
Intelligent Systems Account Contributor
,
Key Vault Administrator
,
Key Vault Certificates Officer
,
Key Vault Contributor
,
Key Vault Crypto Officer
,
Key Vault Reader
,
Key Vault Secrets Officer
,
Kubernetes Cluster - Azure Arc Onboarding
,
Kubernetes Extension Contributor
,
Lab Assistant
,
Lab Contributor
,
Lab Creator
,
Lab Operator
,
Lab Services Contributor
,
Lab Services Reader
,
Load Test Contributor
,
Load Test Owner
,
Load Test Reader
,
LocalNGFirewallAdministrator role
,
LocalRulestacksAdministrator role
,
Logic App Contributor
,
Logic App Operator
,
Managed Identity Contributor
,
Managed Identity Operator
,
Management Group Contributor
,
Management Group Reader
,
Media Services Account Administrator
,
Media Services Live Events Administrator
,
Media Services Media Operator
,
Media Services Policy Administrator
,
Media Services Streaming Endpoints Administrator
,
Microsoft Sentinel Automation Contributor
,
Microsoft Sentinel Contributor
,
Microsoft Sentinel Reader
,
Microsoft Sentinel Responder
,
New Relic APM Account Contributor
,
PlayFab Contributor
,
PlayFab Reader
,
Private DNS Zone Contributor
,
Quota Request Operator
,
Redis Cache Contributor
,
Scheduler Job Collections Contributor
,
Search Service Contributor
,
Security Admin
,
Security Manager (Legacy)
,
Security Reader
,
Services Hub Operator
,
SignalR AccessKey Reader
,
SignalR/Web PubSub Contributor
,
Site Recovery Contributor
,
Site Recovery Operator
,
Site Recovery Reader
,
SQL DB Contributor
,
SQL Managed Instance Contributor
,
SQL Security Manager
,
SQL Server Contributor
,
Storage Account Backup Contributor
,
Storage Account Contributor
,
Support Request Contributor
,
Tag Contributor
,
Template Spec Contributor
,
Traffic Manager Contributor
,
Virtual Machine Contributor
,
Web Plan Contributor
,
Website Contributor
,
Windows365SubscriptionReader
Microsoft.Insights/alertRules/*
no description given
API Management Service Contributor
,
API Management Service Operator Role
,
API Management Service Reader Role
106
,
Application Group Contributor
,
Application Insights Component Contributor
,
Application Insights Snapshot Debugger
,
Automation Job Operator
,
Automation Operator
,
Automation Runbook Operator
,
Avere Contributor
,
Azure Arc Enabled Kubernetes Cluster User Role
,
Azure Arc Kubernetes Admin
,
Azure Arc Kubernetes Cluster Admin
,
Azure Arc Kubernetes Viewer
,
Azure Arc Kubernetes Writer
,
Azure Center for SAP solutions administrator
,
Azure Center for SAP solutions reader
,
Azure Sphere Contributor
,
BizTalk Contributor
,
CDN Endpoint Contributor
,
CDN Endpoint Reader
,
CDN Profile Contributor
,
CDN Profile Reader
,
Classic Network Contributor
,
Classic Storage Account Contributor
,
Classic Virtual Machine Contributor
,
ClearDB MySQL DB Contributor
,
Cognitive Services Contributor
,
Collaborative Data Contributor
,
Collaborative Runtime Operator
,
ContainerApp Reader
,
Cosmos DB Operator
,
Data Factory Contributor
,
Data Lake Analytics Developer
,
Desktop Virtualization Application Group Contributor
,
Desktop Virtualization Contributor
,
Desktop Virtualization Host Pool Contributor
,
Desktop Virtualization Power On Contributor
,
Desktop Virtualization Power On Off Contributor
,
Desktop Virtualization Session Host Operator
,
Desktop Virtualization User Session Operator
,
Desktop Virtualization Virtual Machine Contributor
,
Desktop Virtualization Workspace Contributor
,
Device Update Administrator
,
Device Update Content Administrator
,
Device Update Content Reader
,
Device Update Deployments Administrator
,
Device Update Deployments Reader
,
Device Update Reader
,
Disk Pool Operator
,
DNS Resolver Contributor
,
DNS Zone Contributor
,
DocumentDB Account Contributor
,
EventGrid Contributor
,
EventGrid EventSubscription Contributor
,
HDInsight Cluster Operator
,
Intelligent Systems Account Contributor
,
Key Vault Administrator
,
Key Vault Certificates Officer
,
Key Vault Contributor
,
Key Vault Crypto Officer
,
Key Vault Reader
,
Key Vault Secrets Officer
,
Kubernetes Cluster - Azure Arc Onboarding
,
Kubernetes Extension Contributor
,
Lab Assistant
,
Lab Contributor
,
Lab Creator
,
Lab Operator
,
Lab Services Contributor
,
Load Test Contributor
,
Load Test Owner
,
Load Test Reader
,
LocalNGFirewallAdministrator role
,
LocalRulestacksAdministrator role
,
Log Analytics Contributor
,
Logic App Contributor
,
Managed Identity Contributor
,
Managed Identity Operator
,
Media Services Account Administrator
,
Media Services Live Events Administrator
,
Media Services Media Operator
,
Media Services Policy Administrator
,
Media Services Streaming Endpoints Administrator
,
Microsoft Sentinel Contributor
,
Microsoft Sentinel Reader
,
Microsoft Sentinel Responder
,
Monitoring Contributor
,
New Relic APM Account Contributor
,
Private DNS Zone Contributor
,
Quota Request Operator
,
Redis Cache Contributor
,
Scheduler Job Collections Contributor
,
Search Service Contributor
,
Security Admin
,
Security Manager (Legacy)
,
SignalR/Web PubSub Contributor
,
Site Recovery Contributor
,
Site Recovery Operator
,
SQL DB Contributor
,
SQL Managed Instance Contributor
,
SQL Security Manager
,
SQL Server Contributor
,
Storage Account Contributor
,
Tag Contributor
,
Traffic Manager Contributor
,
Virtual Machine Contributor
,
Web Plan Contributor
,
Website Contributor
Microsoft.Network/*
no description given
none
Microsoft.ResourceHealth/availabilityStatuses/read
Gets the availability statuses for all resources in the specified scope
API Management Service Contributor
,
API Management Service Operator Role
,
API Management Service Reader Role
52
,
Application Insights Component Contributor
,
Automation Operator
,
Azure Arc ScVmm Administrator role
,
Azure Arc ScVmm Private Cloud User
,
Azure Arc ScVmm Private Clouds Onboarding
,
Azure Arc ScVmm VM Contributor
,
Azure Arc VMware Administrator role
,
Azure Arc VMware Private Cloud User
,
Azure Arc VMware Private Clouds Onboarding
,
Azure Arc VMware VM Contributor
,
Azure Center for SAP solutions administrator
,
Azure Center for SAP solutions reader
,
BizTalk Contributor
,
Classic Network Contributor
,
Classic Storage Account Contributor
,
Classic Virtual Machine Contributor
,
ClearDB MySQL DB Contributor
,
Cognitive Services Contributor
,
Cognitive Services User
,
Cosmos DB Operator
,
Data Box Contributor
,
Data Box Reader
,
Data Factory Contributor
,
Data Lake Analytics Developer
,
DNS Zone Contributor
,
DocumentDB Account Contributor
,
Elastic SAN Owner
,
Elastic SAN Reader
,
Intelligent Systems Account Contributor
,
LocalNGFirewallAdministrator role
,
LocalRulestacksAdministrator role
,
Media Services Account Administrator
,
Media Services Live Events Administrator
,
Media Services Media Operator
,
Media Services Policy Administrator
,
Media Services Streaming Endpoints Administrator
,
New Relic APM Account Contributor
,
Redis Cache Contributor
,
Scheduler Job Collections Contributor
,
Search Service Contributor
,
Security Manager (Legacy)
,
Site Recovery Contributor
,
Site Recovery Operator
,
SQL DB Contributor
,
SQL Managed Instance Contributor
,
SQL Security Manager
,
SQL Server Contributor
,
Storage Account Contributor
,
Traffic Manager Contributor
,
Virtual Machine Contributor
,
Web Plan Contributor
,
Website Contributor
Microsoft.Resources/deployments/*
no description given
API Management Service Contributor
,
API Management Service Operator Role
,
API Management Service Reader Role
123
,
Application Group Contributor
,
Application Insights Component Contributor
,
Application Insights Snapshot Debugger
,
Automation Contributor
,
Automation Job Operator
,
Automation Operator
,
Automation Runbook Operator
,
Avere Contributor
,
Azure Center for SAP solutions administrator
,
Azure Center for SAP solutions reader
,
Azure Center for SAP solutions service role
,
Azure Connected Machine Resource Administrator
,
Azure Kubernetes Fleet Manager Contributor Role
,
Azure Kubernetes Service Contributor Role
,
Azure Kubernetes Service Policy Add-on Deployment
,
Azure Maps Contributor
,
Azure Sphere Contributor
,
Backup Contributor
,
Backup Operator
,
BizTalk Contributor
,
Blueprint Contributor
,
Blueprint Operator
,
CDN Endpoint Contributor
,
CDN Endpoint Reader
,
CDN Profile Contributor
,
CDN Profile Reader
,
Chamber Admin
,
Chamber User
,
Classic Network Contributor
,
Classic Storage Account Contributor
,
Classic Virtual Machine Contributor
,
ClearDB MySQL DB Contributor
,
Code Signing Certificate Profile Signer
,
Cognitive Services Contributor
,
Collaborative Data Contributor
,
Collaborative Runtime Operator
,
ContainerApp Reader
,
Cosmos DB Operator
,
Data Box Contributor
,
Data Factory Contributor
,
Data Lake Analytics Developer
,
Desktop Virtualization Application Group Contributor
,
Desktop Virtualization Contributor
,
Desktop Virtualization Host Pool Contributor
,
Desktop Virtualization Power On Contributor
,
Desktop Virtualization Power On Off Contributor
,
Desktop Virtualization Session Host Operator
,
Desktop Virtualization User Session Operator
,
Desktop Virtualization Virtual Machine Contributor
,
Desktop Virtualization Workspace Contributor
,
DevCenter Project Admin
,
Device Update Administrator
,
Device Update Content Administrator
,
Device Update Content Reader
,
Device Update Deployments Administrator
,
Device Update Deployments Reader
,
Device Update Reader
,
Disk Pool Operator
,
DNS Resolver Contributor
,
DNS Zone Contributor
,
DocumentDB Account Contributor
,
Elastic SAN Owner
,
EventGrid Contributor
,
EventGrid EventSubscription Contributor
,
Guest Configuration Resource Contributor
,
Intelligent Systems Account Contributor
,
Key Vault Administrator
,
Key Vault Certificates Officer
,
Key Vault Contributor
,
Key Vault Crypto Officer
,
Key Vault Reader
,
Key Vault Secrets Officer
,
Kubernetes Extension Contributor
,
Lab Assistant
,
Lab Contributor
,
Lab Creator
,
Lab Operator
,
Lab Services Contributor
,
Lab Services Reader
,
Load Test Contributor
,
Load Test Owner
,
Load Test Reader
,
LocalNGFirewallAdministrator role
,
LocalRulestacksAdministrator role
,
Log Analytics Contributor
,
Logic App Contributor
,
Managed Application Contributor Role
,
Managed Applications Reader
,
Managed Identity Contributor
,
Managed Identity Operator
,
Media Services Account Administrator
,
Media Services Live Events Administrator
,
Media Services Media Operator
,
Media Services Policy Administrator
,
Media Services Streaming Endpoints Administrator
,
Microsoft Sentinel Contributor
,
Microsoft Sentinel Reader
,
Microsoft Sentinel Responder
,
New Relic APM Account Contributor
,
PlayFab Contributor
,
Private DNS Zone Contributor
,
Quota Request Operator
,
Redis Cache Contributor
,
Resource Policy Contributor
,
Scheduler Job Collections Contributor
,
Search Service Contributor
,
Security Admin
,
Security Manager (Legacy)
,
Services Hub Operator
,
SignalR/Web PubSub Contributor
,
Site Recovery Contributor
,
Site Recovery Operator
,
SQL DB Contributor
,
SQL Managed Instance Contributor
,
SQL Security Manager
,
SQL Server Contributor
,
Storage Account Contributor
,
Tag Contributor
,
Template Spec Contributor
,
Traffic Manager Contributor
,
Virtual Machine Contributor
,
Web Plan Contributor
,
Website Contributor
Microsoft.Resources/subscriptions/resourceGroups/read
Gets or lists resource groups.
API Management Service Contributor
,
API Management Service Operator Role
,
API Management Service Reader Role
180
,
App Compliance Automation Administrator
,
Application Group Contributor
,
Application Insights Component Contributor
,
Application Insights Snapshot Debugger
,
Automation Contributor
,
Automation Job Operator
,
Automation Operator
,
Automation Runbook Operator
,
Autonomous Development Platform Data Contributor (Preview)
,
Autonomous Development Platform Data Owner (Preview)
,
Autonomous Development Platform Data Reader (Preview)
,
Avere Contributor
,
Avere Operator
,
Azure Arc Enabled Kubernetes Cluster User Role
,
Azure Arc Kubernetes Admin
,
Azure Arc Kubernetes Cluster Admin
,
Azure Arc Kubernetes Viewer
,
Azure Arc Kubernetes Writer
,
Azure Arc ScVmm Administrator role
,
Azure Arc ScVmm Private Cloud User
,
Azure Arc ScVmm Private Clouds Onboarding
,
Azure Arc ScVmm VM Contributor
,
Azure Arc VMware Administrator role
,
Azure Arc VMware Private Cloud User
,
Azure Arc VMware Private Clouds Onboarding
,
Azure Arc VMware VM Contributor
,
Azure Center for SAP solutions administrator
,
Azure Center for SAP solutions reader
,
Azure Center for SAP solutions service role
,
Azure Front Door Domain Contributor
,
Azure Front Door Domain Reader
,
Azure Front Door Secret Contributor
,
Azure Front Door Secret Reader
,
Azure Kubernetes Fleet Manager RBAC Admin
,
Azure Kubernetes Fleet Manager RBAC Cluster Admin
,
Azure Kubernetes Fleet Manager RBAC Reader
,
Azure Kubernetes Fleet Manager RBAC Writer
,
Azure Kubernetes Service RBAC Admin
,
Azure Kubernetes Service RBAC Cluster Admin
,
Azure Kubernetes Service RBAC Reader
,
Azure Kubernetes Service RBAC Writer
,
Azure Maps Contributor
,
Azure Sphere Contributor
,
Azure Sphere Publisher
,
Azure Sphere Reader
,
Azure Stack HCI registration role
,
Backup Contributor
,
Backup Operator
,
BizTalk Contributor
,
Blueprint Contributor
,
Blueprint Operator
,
CDN Endpoint Contributor
,
CDN Endpoint Reader
,
CDN Profile Contributor
,
CDN Profile Reader
,
Chamber Admin
,
Chamber User
,
Classic Network Contributor
,
Classic Storage Account Contributor
,
Classic Virtual Machine Contributor
,
ClearDB MySQL DB Contributor
,
Code Signing Certificate Profile Signer
,
Cognitive Services Contributor
,
Cognitive Services User
,
Collaborative Data Contributor
,
Collaborative Runtime Operator
,
ContainerApp Reader
,
Cosmos DB Account Reader Role
,
Cosmos DB Operator
,
Cost Management Contributor
,
Cost Management Reader
,
Data Box Contributor
,
Data Factory Contributor
,
Data Lake Analytics Developer
,
Deployment Environments User
,
Desktop Virtualization Application Group Contributor
,
Desktop Virtualization Application Group Reader
,
Desktop Virtualization Contributor
,
Desktop Virtualization Host Pool Contributor
,
Desktop Virtualization Host Pool Reader
,
Desktop Virtualization Power On Contributor
,
Desktop Virtualization Power On Off Contributor
,
Desktop Virtualization Reader
,
Desktop Virtualization Session Host Operator
,
Desktop Virtualization User Session Operator
,
Desktop Virtualization Virtual Machine Contributor
,
Desktop Virtualization Workspace Contributor
,
Desktop Virtualization Workspace Reader
,
DevCenter Dev Box User
,
DevCenter Project Admin
,
Device Update Administrator
,
Device Update Content Administrator
,
Device Update Content Reader
,
Device Update Deployments Administrator
,
Device Update Deployments Reader
,
Device Update Reader
,
DevTest Labs User
,
Disk Pool Operator
,
Disk Restore Operator
,
Disk Snapshot Contributor
,
DNS Resolver Contributor
,
DNS Zone Contributor
,
DocumentDB Account Contributor
,
Domain Services Contributor
,
Domain Services Reader
,
Elastic SAN Owner
,
Elastic SAN Reader
,
EventGrid Contributor
,
EventGrid Data Sender
,
EventGrid EventSubscription Contributor
,
EventGrid EventSubscription Reader
,
Experimentation Administrator
,
Experimentation Contributor
,
HDInsight Cluster Operator
,
Intelligent Systems Account Contributor
,
Key Vault Administrator
,
Key Vault Certificates Officer
,
Key Vault Contributor
,
Key Vault Crypto Officer
,
Key Vault Reader
,
Key Vault Secrets Officer
,
Kubernetes Cluster - Azure Arc Onboarding
,
Kubernetes Extension Contributor
,
Lab Assistant
,
Lab Contributor
,
Lab Creator
,
Lab Operator
,
Lab Services Contributor
,
Lab Services Reader
,
Load Test Contributor
,
Load Test Owner
,
Load Test Reader
,
LocalNGFirewallAdministrator role
,
LocalRulestacksAdministrator role
,
Logic App Contributor
,
Logic App Operator
,
Managed Identity Contributor
,
Managed Identity Operator
,
Media Services Account Administrator
,
Media Services Live Events Administrator
,
Media Services Media Operator
,
Media Services Policy Administrator
,
Media Services Streaming Endpoints Administrator
,
Microsoft Sentinel Contributor
,
Microsoft Sentinel Reader
,
Microsoft Sentinel Responder
,
Monitoring Metrics Publisher
,
MySQL Backup And Export Operator
,
New Relic APM Account Contributor
,
PlayFab Contributor
,
PlayFab Reader
,
Private DNS Zone Contributor
,
Quota Request Operator
,
Redis Cache Contributor
,
Reservation Purchaser
,
SaaS Hub Contributor
,
Scheduler Job Collections Contributor
,
Search Service Contributor
,
Security Admin
,
Security Manager (Legacy)
,
Security Reader
,
Services Hub Operator
,
SignalR AccessKey Reader
,
SignalR/Web PubSub Contributor
,
Site Recovery Contributor
,
Site Recovery Operator
,
SQL DB Contributor
,
SQL Managed Instance Contributor
,
SQL Security Manager
,
SQL Server Contributor
,
Storage Account Backup Contributor
,
Storage Account Contributor
,
Support Request Contributor
,
Tag Contributor
,
Template Spec Contributor
,
Traffic Manager Contributor
,
Virtual Machine Contributor
,
Web Plan Contributor
,
Website Contributor
,
Windows365NetworkInterfaceContributor
Microsoft.Support/*
no description given
API Management Service Contributor
,
API Management Service Operator Role
,
API Management Service Reader Role
112
,
Application Group Contributor
,
Application Insights Component Contributor
,
Application Insights Snapshot Debugger
,
Automation Contributor
,
Automation Job Operator
,
Automation Operator
,
Automation Runbook Operator
,
Avere Contributor
,
Azure Arc Enabled Kubernetes Cluster User Role
,
Azure Arc Kubernetes Admin
,
Azure Arc Kubernetes Cluster Admin
,
Azure Arc Kubernetes Viewer
,
Azure Arc Kubernetes Writer
,
Backup Contributor
,
Backup Operator
,
Billing Reader
,
BizTalk Contributor
,
Blueprint Contributor
,
Blueprint Operator
,
CDN Endpoint Contributor
,
CDN Endpoint Reader
,
CDN Profile Contributor
,
CDN Profile Reader
,
Classic Network Contributor
,
Classic Storage Account Contributor
,
Classic Virtual Machine Contributor
,
ClearDB MySQL DB Contributor
,
Cognitive Services Contributor
,
Cognitive Services User
,
Collaborative Data Contributor
,
Collaborative Runtime Operator
,
Cosmos DB Account Reader Role
,
Cosmos DB Operator
,
Cost Management Contributor
,
Cost Management Reader
,
Data Box Contributor
,
Data Box Reader
,
Data Factory Contributor
,
Data Lake Analytics Developer
,
Desktop Virtualization Application Group Contributor
,
Desktop Virtualization Application Group Reader
,
Desktop Virtualization Contributor
,
Desktop Virtualization Host Pool Contributor
,
Desktop Virtualization Host Pool Reader
,
Desktop Virtualization Reader
,
Desktop Virtualization Session Host Operator
,
Desktop Virtualization User Session Operator
,
Desktop Virtualization Workspace Contributor
,
Desktop Virtualization Workspace Reader
,
Device Update Administrator
,
Device Update Content Administrator
,
Device Update Content Reader
,
Device Update Deployments Administrator
,
Device Update Deployments Reader
,
Device Update Reader
,
DNS Zone Contributor
,
DocumentDB Account Contributor
,
EventGrid Contributor
,
EventGrid EventSubscription Contributor
,
HDInsight Cluster Operator
,
Integration Service Environment Contributor
,
Integration Service Environment Developer
,
Intelligent Systems Account Contributor
,
Key Vault Administrator
,
Key Vault Certificates Officer
,
Key Vault Contributor
,
Key Vault Crypto Officer
,
Key Vault Reader
,
Key Vault Secrets Officer
,
Kubernetes Cluster - Azure Arc Onboarding
,
Lab Creator
,
LocalNGFirewallAdministrator role
,
LocalRulestacksAdministrator role
,
Log Analytics Contributor
,
Log Analytics Reader
,
Logic App Contributor
,
Logic App Operator
,
Managed Identity Contributor
,
Managed Identity Operator
,
Microsoft Sentinel Contributor
,
Microsoft Sentinel Reader
,
Microsoft Sentinel Responder
,
Monitoring Contributor
,
Monitoring Metrics Publisher
,
Monitoring Reader
,
New Relic APM Account Contributor
,
Private DNS Zone Contributor
,
Quota Request Operator
,
Redis Cache Contributor
,
Resource Policy Contributor
,
Role Based Access Control Administrator (Preview)
,
Scheduler Job Collections Contributor
,
Search Service Contributor
,
Security Admin
,
Security Manager (Legacy)
,
SignalR AccessKey Reader
,
SignalR/Web PubSub Contributor
,
Site Recovery Contributor
,
Site Recovery Operator
,
Site Recovery Reader
,
SQL DB Contributor
,
SQL Managed Instance Contributor
,
SQL Security Manager
,
SQL Server Contributor
,
Storage Account Contributor
,
Support Request Contributor
,
Tag Contributor
,
Traffic Manager Contributor
,
User Access Administrator
,
Virtual Machine Contributor
,
Web Plan Contributor
,
Website Contributor
NotActions
n/a
DataActions
n/a
NotDataActions
n/a
Used in Policy
Policy DisplayName
Policy Id
Category
State
[Preview]: Configure Azure Key Vault Managed HSM with private endpoints
d1d6d8bb-cc7c-420f-8c7d-6f6f5279a844
Key Vault
Preview
[Preview]: Configure Azure Recovery Services vaults to use private DNS zones
942bd215-1a66-44be-af65-6a1c0318dbe2
Site Recovery
Preview
[Preview]: Configure private endpoints on Azure Recovery Services vaults
e95a8a5c-0987-421f-84ab-df4d88ebf7d1
Site Recovery
Preview
[Preview]: Configure Recovery Services vaults to use private DNS zones for backup
af783da1-4ad1-42be-800d-d19c70038820
Backup
Preview
[Preview]: Configure Recovery Services vaults to use private endpoints for backup
8015d6ed-3641-4534-8d0b-5c67b67ff7de
Backup
Preview
Configure a private DNS Zone ID for blob groupID
75973700-529f-4de2-b794-fb9b6781b6b0
Storage
GA
Configure a private DNS Zone ID for blob_secondary groupID
d847d34b-9337-4e2d-99a5-767e5ac9c582
Storage
GA
Configure a private DNS Zone ID for dfs groupID
83c6fe0f-2316-444a-99a1-1ecd8a7872ca
Storage
GA
Configure a private DNS Zone ID for dfs_secondary groupID
90bd4cb3-9f59-45f7-a6ca-f69db2726671
Storage
GA
Configure a private DNS Zone ID for file groupID
6df98d03-368a-4438-8730-a93c4d7693d6
Storage
GA
Configure a private DNS Zone ID for queue groupID
bcff79fb-2b0d-47c9-97e5-3023479b00d1
Storage
GA
Configure a private DNS Zone ID for queue_secondary groupID
da9b4ae8-5ddc-48c5-b9c0-25f8abf7a3d6
Storage
GA
Configure a private DNS Zone ID for table groupID
028bbd88-e9b5-461f-9424-a1b63a7bee1a
Storage
GA
Configure a private DNS Zone ID for table_secondary groupID
c1d634a5-f73d-4cdd-889f-2cc7006eb47f
Storage
GA
Configure a private DNS Zone ID for web groupID
9adab2a5-05ba-4fbd-831a-5bf958d04218
Storage
GA
Configure a private DNS Zone ID for web_secondary groupID
d19ae5f1-b303-4b82-9ca8-7682749faf0c
Storage
GA
Configure App Service apps to use private DNS zones
b318f84a-b872-429b-ac6d-a01b96814452
App Service
GA
Configure Azure Arc Private Link Scopes to use private DNS zones
55c4db33-97b0-437b-8469-c4f4498f5df9
Azure Arc
GA
Configure Azure Arc Private Link Scopes with private endpoints
d6eeba80-df61-4de5-8772-bc1b7852ba6b
Azure Arc
GA
Configure Azure Automation accounts with private DNS zones
6dd01e4f-1be1-4e80-9d0b-d109e04cb064
Automation
GA
Configure Azure Cache for Redis to use private DNS zones
e016b22b-e0eb-436d-8fd7-160c4eaed6e2
Cache
GA
Configure Azure Cognitive Search services to disable public network access
9cee519f-d9c1-4fd9-9f79-24ec3449ed30
Search
GA
Configure Azure Cognitive Search services to use private DNS zones
fbc14a67-53e4-4932-abcc-2049c6706009
Search
GA
Configure Azure Cognitive Search services with private endpoints
b698b005-b660-4837-b833-a7aaab26ddba
Search
GA
Configure Azure Data Explorer clusters with private endpoints
a47272e1-1d5d-4b0b-b366-4873f1432fe0
Azure Data Explorer
GA
Configure Azure Databricks workspace to use private DNS zones
0eddd7f3-3d9b-4927-a07a-806e8ac9486c
Azure Databricks
GA
Configure Azure Device Update for IoT Hub accounts to use private DNS zones
a222b93a-e6c2-4c01-817f-21e092455b2a
Internet of Things
GA
Configure Azure Device Update for IoT Hub accounts with private endpoint
5b9d063f-c5fd-4750-a489-1258d1fefcbf
Internet of Things
GA
Configure Azure File Sync to use private DNS zones
06695360-db88-47f6-b976-7500d4297475
Storage
GA
Configure Azure HDInsight clusters to use private DNS zones
43d6e3bd-fc6a-4b44-8b4d-2151d8736a11
HDInsight
GA
Configure Azure Key Vaults to use private DNS zones
ac673a9a-f77d-4846-b2d8-a57f8e1c01d4
Key Vault
GA
Configure Azure Key Vaults with private endpoints
9d4fad1f-5189-4a42-b29e-cf7929c6b6df
Key Vault
GA
Configure Azure Machine Learning workspace to use private DNS zones
ee40564d-486e-4f68-a5ca-7a621edae0fb
Machine Learning
GA
Configure Azure Machine Learning workspaces with private endpoints
7838fd83-5cbb-4b5d-888c-bfa240972597
Machine Learning
GA
Configure Azure Managed Grafana workspaces to use private DNS zones
4c8537f8-cd1b-49ec-b704-18e82a42fd58
Managed Grafana
GA
Configure Azure Media Services to use private DNS zones
b4a7f6c1-585e-4177-ad5b-c2c93f4bb991
Media Services
GA
Configure Azure Media Services with private endpoints
c5632066-946d-4766-9544-cd79bcc1286e
Media Services
GA
Configure Azure Migrate resources to use private DNS zones
7590a335-57cf-4c95-babd-ecbc8fafeb1f
Migrate
GA
Configure Azure Monitor Private Link Scope to use private DNS zones
437914ee-c176-4fff-8986-7e05eb971365
Monitoring
GA
Configure Azure SQL Server to enable private endpoint connections
8e8ca470-d980-4831-99e6-dc70d9f6af87
SQL
GA
Configure Azure Synapse workspaces to use private DNS zones
1e5ed725-f16c-478b-bd4b-7bfa2f7940b9
Synapse
GA
Configure Azure Virtual Desktop hostpool resources to use private DNS zones
9427df23-0f42-4e1e-bf99-a6133d841c4a
Desktop Virtualization
GA
Configure Azure Virtual Desktop workspace resources to use private DNS zones
34804460-d88b-4922-a7ca-537165e060ed
Desktop Virtualization
GA
Configure Azure Web PubSub Service to use private DNS zones
0b026355-49cb-467b-8ac4-f777874e175a
Web PubSub
GA
Configure Azure Web PubSub Service with private endpoints
1b9c0b58-fc7b-42c8-8010-cdfa1d1b8544
Web PubSub
GA
Configure BotService resources to use private DNS zones
6a4e6f44-f2af-4082-9702-033c9e88b9f8
Bot Service
GA
Configure BotService resources with private endpoints
29261f8e-efdb-4255-95b8-8215414515d6
Bot Service
GA
Configure Cognitive Services accounts to use private DNS zones
c4bc6f10-cb41-49eb-b000-d5ab82e2a091
Cognitive Services
GA
Configure Cognitive Services accounts with private endpoints
db630ad5-52e9-4f4d-9c44-53912fe40053
Cognitive Services
GA
Configure Container registries to use private DNS zones
e9585a95-5b8c-4d03-b193-dc7eb5ac4c32
Container Registry
GA
Configure CosmosDB accounts to use private DNS zones
a63cc0bd-cda4-4178-b705-37dc439d3e0f
Cosmos DB
GA
Configure disk access resources to use private DNS zones
bc05b96c-0b36-4ca9-82f0-5c53f96ce05a
Compute
GA
Configure Event Hub namespaces to use private DNS zones
ed66d4f5-8220-45dc-ab4a-20d1749c74e6
Event Hub
GA
Configure Event Hub namespaces with private endpoints
91678b7c-d721-4fc5-b179-3cdf74e96b1c
Event Hub
GA
Configure private DNS zones for private endpoints connected to App Configuration
7a860e27-9ca2-4fc6-822d-c2d248c300df
App Configuration
GA
Configure private DNS zones for private endpoints that connect to Azure Data Factory
86cd96e1-1745-420d-94d4-d3f2fe415aa4
Data Factory
GA
Configure private endpoint connections on Azure Automation accounts
c0c3130e-7dda-4187-aed0-ee4a472eaa60
Automation
GA
Configure private endpoints for Data factories
496ca26b-f669-4322-a1ad-06b7b5e41882
Data Factory
GA
Configure private endpoints to Azure SignalR Service
ef45854f-b33f-49a3-8041-9057e915d88f
SignalR
GA
Configure Private Link for Azure AD to use private DNS zones
7e4301f9-5f32-4738-ad9f-7ec2d15563ad
Azure Active Directory
GA
Configure Service Bus namespaces to use private DNS zones
f0fcf93c-c063-4071-9668-c47474bd3564
Service Bus
GA
Configure Service Bus namespaces with private endpoints
7d890f7f-100c-473d-baa1-2777e2266535
Service Bus
GA
Configure Storage account to use a private link connection
9f766f00-8d11-464e-80e1-4091d7874074
Storage
GA
Deploy - Configure Azure Event Grid domains to use private DNS zones
d389df0a-e0d7-4607-833c-75a6fdac2c2d
Event Grid
GA
Deploy - Configure Azure Event Grid domains with private endpoints
36f4658a-848a-467b-881c-e6fa20cf75fc
Event Grid
GA
Deploy - Configure Azure Event Grid topics to use private DNS zones
baf19753-7502-405f-8745-370519b20483
Event Grid
GA
Deploy - Configure Azure Event Grid topics with private endpoints
6fcec95c-fbdf-45e8-91e1-e3175d9c9eca
Event Grid
GA
Deploy - Configure Azure IoT Hubs to use private DNS zones
c99ce9c1-ced7-4c3e-aca0-10e69ce0cb02
Internet of Things
GA
Deploy - Configure Azure IoT Hubs with private endpoints
bf684997-3909-404e-929c-d4a38ed23b2e
Internet of Things
GA
Deploy - Configure IoT Central to use private DNS zones
d627d7c6-ded5-481a-8f2e-7e16b1e6faf6
Internet of Things
GA
Deploy - Configure IoT Central with private endpoints
c854b0f0-02d0-4f94-9b42-fd175fbd4d49
Internet of Things
GA
Deploy - Configure private DNS zones for private endpoints connect to Azure SignalR Service
b0e86710-7fb7-4a6c-a064-32e9b829509e
SignalR
GA
Deploy - Configure private DNS zones for private endpoints that connect to Batch accounts
4ec38ebc-381f-45ee-81a4-acbc4be878f8
Batch
GA
Deploy network watcher when virtual networks are created
a9b99dd8-06c5-4317-8629-9d86a3c6e7d9
Network
GA
Virtual networks should be protected by Azure DDoS Protection Standard
94de2ad3-e0c1-4caf-ad78-5d47bbc83d3d
Network
GA
JSON
Copy definition