last sync: 2020-Sep-18 14:08:07 UTC

Azure Role

DevTest Labs User

Role Name DevTest Labs User
Role Id 76283e04-6283-4c54-8f91-bcf1374a3c64
Role Description Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.
Role Changes no changes
Actions
Operation Description Used in other Role(s)
Microsoft.Authorization/*/read API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Runbook Operator, Automation Operator, Avere Contributor, Backup Contributor, Billing Reader, Backup Operator, Backup Reader, BizTalk Contributor, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, ClearDB MySQL DB Contributor, Classic Virtual Machine Contributor, Cognitive Services Contributor, Cosmos DB Account Reader Role, Data Box Contributor, Data Box Reader, Data Factory Contributor, Data Lake Analytics Developer, DocumentDB Account Contributor, DNS Zone Contributor, EventGrid EventSubscription Contributor, EventGrid EventSubscription Reader, Intelligent Systems Account Contributor, Key Vault Contributor, Lab Creator, Logic App Operator, Logic App Contributor, Managed Identity Operator, Managed Identity Contributor, Network Contributor, New Relic APM Account Contributor, Redis Cache Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), Security Reader, Site Recovery Contributor, Site Recovery Operator, Site Recovery Reader, SQL Managed Instance Contributor, SQL DB Contributor, SQL Security Manager, Storage Account Contributor, SQL Server Contributor, Support Request Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor, HDInsight Cluster Operator, Cosmos DB Operator, Private DNS Zone Contributor, Blueprint Contributor, Blueprint Operator, Azure Sentinel Contributor, Azure Sentinel Responder, Azure Sentinel Reader, SignalR AccessKey Reader, SignalR Contributor, Kubernetes Cluster - Azure Arc Onboarding, Tag Contributor, Integration Service Environment Developer, Integration Service Environment Contributor, Marketplace Admin, Key Vault Administrator (preview), Key Vault Crypto Officer (preview), Key Vault Secrets Officer (preview), Key Vault Certificates Officer (preview), Key Vault Reader (preview), Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Arc Enabled Kubernetes Cluster User Role, Collaborative Data Contributor, Device Update Reader, Device Update Administrator, Device Update Content Administrator, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Content Reader
Microsoft.Compute/availabilitySets/read Get the properties of an availability set
Microsoft.Compute/virtualMachines/*/read Virtual Machine Administrator Login, Virtual Machine User Login
Microsoft.Compute/virtualMachines/deallocate/action Powers off the virtual machine and releases the compute resources
Microsoft.Compute/virtualMachines/read Get the properties of a virtual machine Avere Operator
Microsoft.Compute/virtualMachines/restart/action Restarts the virtual machine
Microsoft.Compute/virtualMachines/start/action Starts the virtual machine
Microsoft.DevTestLab/*/read
Microsoft.DevTestLab/labs/claimAnyVm/action Claim a random claimable virtual machine in the lab.
Microsoft.DevTestLab/labs/createEnvironment/action Create virtual machines in a lab.
Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action Ensure the current user has a valid profile in the lab.
Microsoft.DevTestLab/labs/formulas/delete Delete formulas.
Microsoft.DevTestLab/labs/formulas/read Read formulas.
Microsoft.DevTestLab/labs/formulas/write Add or modify formulas.
Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action Evaluates lab policy.
Microsoft.DevTestLab/labs/virtualMachines/claim/action Take ownership of an existing virtual machine
Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action Lists the applicable start/stop schedules, if any.
Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action Gets a string that represents the contents of the RDP file for the virtual machine
Microsoft.Network/loadBalancers/backendAddressPools/join/action Joins a load balancer backend address pool. Not Alertable. Virtual Machine Contributor
Microsoft.Network/loadBalancers/inboundNatRules/join/action Joins a load balancer inbound nat rule. Not Alertable. Virtual Machine Contributor
Microsoft.Network/networkInterfaces/*/read
Microsoft.Network/networkInterfaces/join/action Joins a Virtual Machine to a network interface. Not Alertable.
Microsoft.Network/networkInterfaces/read Gets a network interface definition. Avere Operator, Virtual Machine Administrator Login, Virtual Machine User Login
Microsoft.Network/networkInterfaces/write Creates a network interface or updates an existing network interface. Avere Operator
Microsoft.Network/publicIPAddresses/*/read
Microsoft.Network/publicIPAddresses/join/action Joins a public ip address. Not Alertable. Virtual Machine Contributor
Microsoft.Network/publicIPAddresses/read Gets a public ip address definition. Virtual Machine Administrator Login, Virtual Machine User Login, Virtual Machine Contributor
Microsoft.Network/virtualNetworks/subnets/join/action Joins a virtual network. Not Alertable. Avere Contributor, Avere Operator, Virtual Machine Contributor
Microsoft.Resources/deployments/operations/read Gets or lists deployment operations. Cognitive Services User, Cognitive Services Contributor, Logic App Operator , HDInsight Cluster Operator
Microsoft.Resources/deployments/read Gets or lists deployments.
Microsoft.Resources/subscriptions/resourceGroups/read Gets or lists resource groups. API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Runbook Operator, Automation Operator, Avere Contributor, Avere Operator, Backup Contributor, Backup Operator, BizTalk Contributor, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, ClearDB MySQL DB Contributor, Classic Virtual Machine Contributor, Cognitive Services User, Cognitive Services Contributor, Cosmos DB Account Reader Role, Cost Management Contributor, Cost Management Reader, Data Box Contributor, Data Factory Contributor, Data Lake Analytics Developer, DocumentDB Account Contributor, DNS Zone Contributor, EventGrid EventSubscription Contributor, EventGrid EventSubscription Reader, Intelligent Systems Account Contributor, Key Vault Contributor, Lab Creator, Logic App Operator, Logic App Contributor, Managed Identity Operator, Managed Identity Contributor, Monitoring Metrics Publisher, Network Contributor, New Relic APM Account Contributor, Redis Cache Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), Security Reader, Site Recovery Contributor, Site Recovery Operator, SQL Managed Instance Contributor, SQL DB Contributor, SQL Security Manager, Storage Account Contributor, SQL Server Contributor, Support Request Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor, HDInsight Cluster Operator, Cosmos DB Operator, Private DNS Zone Contributor, Blueprint Contributor, Blueprint Operator, Azure Sentinel Contributor, Azure Sentinel Responder, Azure Sentinel Reader, SignalR AccessKey Reader, SignalR Contributor, Kubernetes Cluster - Azure Arc Onboarding, Experimentation Contributor, Experimentation Administrator, Tag Contributor, Key Vault Administrator (preview), Key Vault Crypto Officer (preview), Key Vault Secrets Officer (preview), Key Vault Certificates Officer (preview), Key Vault Reader (preview), Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Arc Enabled Kubernetes Cluster User Role, Collaborative Data Contributor, Device Update Reader, Device Update Administrator, Device Update Content Administrator, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Content Reader
Microsoft.Storage/storageAccounts/listKeys/action Returns the access keys for the specified storage account. Log Analytics Contributor, Logic App Contributor, Reader and Data Access , Storage Account Key Operator Service Role, Virtual Machine Contributor
NotActions
Operation Description Used in other Role(s)
Microsoft.Compute/virtualMachines/vmSizes/read Lists available sizes the virtual machine can be updated to
DataActions
NotDataActions
Used in Policy
Role Definition (Json)
{
  "Name": "DevTest Labs User",
  "Id": "76283e04-6283-4c54-8f91-bcf1374a3c64",
  "IsCustom": false,
  "Description": "Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.",
  "Actions": [
    "Microsoft.Authorization/*/read",
    "Microsoft.Compute/availabilitySets/read",
    "Microsoft.Compute/virtualMachines/*/read",
    "Microsoft.Compute/virtualMachines/deallocate/action",
    "Microsoft.Compute/virtualMachines/read",
    "Microsoft.Compute/virtualMachines/restart/action",
    "Microsoft.Compute/virtualMachines/start/action",
    "Microsoft.DevTestLab/*/read",
    "Microsoft.DevTestLab/labs/claimAnyVm/action",
    "Microsoft.DevTestLab/labs/createEnvironment/action",
    "Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action",
    "Microsoft.DevTestLab/labs/formulas/delete",
    "Microsoft.DevTestLab/labs/formulas/read",
    "Microsoft.DevTestLab/labs/formulas/write",
    "Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action",
    "Microsoft.DevTestLab/labs/virtualMachines/claim/action",
    "Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action",
    "Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action",
    "Microsoft.Network/loadBalancers/backendAddressPools/join/action",
    "Microsoft.Network/loadBalancers/inboundNatRules/join/action",
    "Microsoft.Network/networkInterfaces/*/read",
    "Microsoft.Network/networkInterfaces/join/action",
    "Microsoft.Network/networkInterfaces/read",
    "Microsoft.Network/networkInterfaces/write",
    "Microsoft.Network/publicIPAddresses/*/read",
    "Microsoft.Network/publicIPAddresses/join/action",
    "Microsoft.Network/publicIPAddresses/read",
    "Microsoft.Network/virtualNetworks/subnets/join/action",
    "Microsoft.Resources/deployments/operations/read",
    "Microsoft.Resources/deployments/read",
    "Microsoft.Resources/subscriptions/resourceGroups/read",
    "Microsoft.Storage/storageAccounts/listKeys/action"
  ],
  "NotActions": [
    "Microsoft.Compute/virtualMachines/vmSizes/read"
  ],
  "DataActions": [
    
  ],
  "NotDataActions": [
    
  ],
  "AssignableScopes": [
    "/"
  ]
}