AzRoleAdvertizer

last sync: 2025-Oct-20 17:22:40 UTC

Azure Kubernetes Service Arc Contributor Role

Azure BuiltIn RBAC Role definition

NameAzure Kubernetes Service Arc Contributor Role
Microsoft Learn
Id5d3f1697-4507-4d08-bb4a-477695db5f82
DescriptionGrants access to read and write Azure Kubernetes Services hybrid clusters
CategoryContainers
Microsoft Learn
CreatedOn2024-03-07 00:25:44 UTC
UpdatedOn2025-09-25 18:20:47 UTC
Permissions summary Effective control plane and data plane operations: 37 (unique operations)
•action: 6
•delete: 8
•Read: 14
•write: 9

Actions: 37
Resolved control plane operations from Actions: 37
Effective control plane operations: 37
•action: 6
•delete: 8
•Read: 14
•write: 9

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 17330

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 4077
Actions
Operation Description
Microsoft.AzureStackHCI/clusters/readno description given
Microsoft.ExtendedLocation/customLocations/deploy/actionDeploy permissions to a Custom Location resource
Microsoft.ExtendedLocation/customLocations/readGets an Custom Location resource
Microsoft.HybridContainerService/kubernetesVersions/deleteDelete the kubernetes versions resource type
Microsoft.HybridContainerService/kubernetesVersions/readLists the supported kubernetes versions from the underlying custom location
Microsoft.HybridContainerService/kubernetesVersions/writePuts the kubernetes version resource type
Microsoft.HybridContainerService/Locations/operationStatuses/readread operationStatuses
Microsoft.HybridContainerService/Locations/operationStatuses/writewrite operationStatuses
Microsoft.HybridContainerService/Operations/readread Operations
Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/deleteDeletes the agent pool in the Hybrid AKS provisioned cluster instance
Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/readGets the agent pools in the Hybrid AKS provisioned cluster instance
Microsoft.HybridContainerService/provisionedClusterInstances/agentPools/writeUpdates the agent pool in the Hybrid AKS provisioned cluster instance
Microsoft.HybridContainerService/provisionedClusterInstances/deleteDeletes the Hybrid AKS provisioned cluster instance
Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/deleteDeletes the hybrid identity metadata proxy resource.
Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/writeCreates the hybrid identity metadata proxy resource that facilitates the managed identity provisioning.
Microsoft.HybridContainerService/provisionedClusterInstances/readGets the Hybrid AKS provisioned cluster instances associated with the connected cluster
Microsoft.HybridContainerService/provisionedClusterInstances/upgradeProfiles/readread upgradeProfiles
Microsoft.HybridContainerService/provisionedClusterInstances/writeCreates the Hybrid AKS provisioned cluster instance
Microsoft.HybridContainerService/skus/deleteDeletes the Vm Sku resource type
Microsoft.HybridContainerService/skus/readLists the supported VM SKUs from the underlying custom location
Microsoft.HybridContainerService/skus/writePuts the VM SKUs resource type
Microsoft.HybridContainerService/virtualNetworks/deleteDeletes the Hybrid AKS virtual network
Microsoft.HybridContainerService/virtualNetworks/readLists the Hybrid AKS virtual networks by subscription
Microsoft.HybridContainerService/virtualNetworks/writeno description given
Microsoft.Kubernetes/connectedClusters/DeleteDeletes connectedClusters
Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/actionList clusterUser credential
Microsoft.Kubernetes/connectedClusters/ReadRead connectedClusters
Microsoft.Kubernetes/connectedClusters/WriteWrites connectedClusters
Microsoft.Resources/deployments/cancel/actionAnnulla una distribuzione.
Microsoft.Resources/deployments/deleteElimina una distribuzione.
Microsoft.Resources/deployments/exportTemplate/actionEsporta il modello per una distribuzione
Microsoft.Resources/deployments/operations/readOttiene o elenca le operazioni di distribuzione.
Microsoft.Resources/deployments/operationstatuses/readOttiene o elenca gli stati dell'operazione di distribuzione.
Microsoft.Resources/deployments/readOttiene o elenca le distribuzioni.
Microsoft.Resources/deployments/validate/actionValidates a deployment.
Microsoft.Resources/deployments/whatIf/actionPrevede le modifiche della distribuzione modelli.
Microsoft.Resources/deployments/writeCrea o aggiorna una distribuzione.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2025-09-26 17:22:44 change: Actions Actions: 'add Microsoft.HybridContainerService/Locations/operationStatuses/write; add Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/delete; add Microsoft.HybridContainerService/provisionedClusterInstances/hybridIdentityMetadata/write'
2025-09-18 17:22:45 change: Actions Actions: 'add Microsoft.Resources/deployments/read; add Microsoft.Resources/deployments/write; add Microsoft.Resources/deployments/delete; add Microsoft.Resources/deployments/cancel/action; add Microsoft.Resources/deployments/validate/action; add Microsoft.Resources/deployments/whatIf/action; add Microsoft.Resources/deployments/exportTemplate/action; add Microsoft.Resources/deployments/operations/read; add Microsoft.Resources/deployments/operationstatuses/read'
2024-04-17 17:45:34 change: Actions Actions: 'add Microsoft.AzureStackHCI/clusters/read'
2024-03-08 20:25:26 add: Role 5d3f1697-4507-4d08-bb4a-477695db5f82
JSON
api-version=2023-07-01-preview
Condition none