AzRoleAdvertizer

last sync: 2025-Oct-23 17:22:49 UTC

Secrets Store Extension Owner

Azure BuiltIn RBAC Role definition

NameSecrets Store Extension Owner
Id5c227a58-cff3-4b51-9fa3-51bdafb6ca55
DescriptionRead, create and modify secretsync and secretproviderclass objects. Register and deregister the provider from the subscription.
CategoryNone
CreatedOn2025-05-01 11:14:17 UTC
UpdatedOn2025-05-01 11:14:17 UTC
Permissions summary Effective control plane and data plane operations: 60 (unique operations)
•: 1
•Action: 9
•Delete: 4
•read: 41
•Write: 5

Actions: 15
Resolved control plane operations from Actions: 60
Effective control plane operations: 60
•: 1
•Action: 9
•Delete: 4
•read: 41
•Write: 5

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 17316

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 4081
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/deleteDeletes an AzureKeyVaultSecretProviderClass instance.
Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/readGets the properties of an AzureKeyVaultSecretProviderClass instance.
Microsoft.SecretSyncController/azureKeyVaultSecretProviderClasses/writeUpdates an AzureKeyVaultSecretProviderClass instance.
Microsoft.SecretSyncController/locations/operationStatuses/readread operationStatuses
Microsoft.SecretSyncController/locations/operationStatuses/writewrite operationStatuses
Microsoft.SecretSyncController/operations/readread operations
Microsoft.SecretSyncController/register/actionRegister the subscription for Microsoft.SecretSyncController
Microsoft.SecretSyncController/secretSyncs/deleteDeletes a SecretSync instance.
Microsoft.SecretSyncController/secretSyncs/readGets the properties of a SecretSync instance.
Microsoft.SecretSyncController/secretSyncs/writeUpdates a SecretSync instance.
Microsoft.SecretSyncController/unregister/actionUnregister the subscription for Microsoft.SecretSyncController
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2025-05-01 19:36:20 add: Role 5c227a58-cff3-4b51-9fa3-51bdafb6ca55
JSON
api-version=2023-07-01-preview
Condition none