AzRoleAdvertizer

last sync: 2025-Apr-29 17:15:48 UTC

Management Group Contributor

Azure BuiltIn RBAC Role definition

Name

Management Group Contributor
Microsoft Learn

5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c

Description

Management Group Contributor Role

Category

Management and governance
Microsoft Learn

CreatedOn

2018-06-22 00:28:29 UTC

UpdatedOn

2022-09-19 15:10:03 UTC

Permissions summary

Effective control plane and data plane operations: 36 (unique operations)
•delete: 2
•read: 32
•write: 2

Actions: 7
Resolved control plane operations from Actions: 36
Effective control plane operations: 36
•delete: 2
•read: 32
•write: 2

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16454

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3371

Actions

Operation	Description
Microsoft.Authorization/*/read	wildcarded / no description
Microsoft.Management/managementGroups/delete	Delete management group.
Microsoft.Management/managementGroups/read	List management groups for the authenticated user.
Microsoft.Management/managementGroups/subscriptions/delete	De-associates subscription from the management group.
Microsoft.Management/managementGroups/subscriptions/read	Lists subscription under the given management group.
Microsoft.Management/managementGroups/subscriptions/write	Associates existing subscription with the management group.
Microsoft.Management/managementGroups/write	Create or update a management group.

NotActions

n/a

DataActions

n/a

NotDataActions

n/a

Used in
BuiltIn Policy

none

History

Date/Time (UTC ymd) (i)	Change	Change detail
2022-09-19 16:35:35	change: Actions	Actions: 'add Microsoft.Authorization/*/read'

JSON

api-version=2023-07-01-preview

Condition

none