last sync: 2020-Dec-02 15:37:50 UTC

Azure RBAC Role definition

DevTest Labs User

NameDevTest Labs User
Microsoft docs
Id76283e04-6283-4c54-8f91-bcf1374a3c64
DescriptionLets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.
CreatedOn2015-06-08 21:52:45 UTC
UpdatedOn2019-05-08 11:27:34 UTC
Historynone
Actions
Operation Description Used in other Roles
Microsoft.Authorization/*/readno description given API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Operator, Automation Runbook Operator, Avere Contributor, Azure Arc Enabled Kubernetes Cluster User Role, Azure Arc Kubernetes Admin, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Sentinel Contributor, Azure Sentinel Reader, Azure Sentinel Responder, Backup Contributor, Backup Operator, Backup Reader, Billing Reader, BizTalk Contributor, Blueprint Contributor, Blueprint Operator, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, Classic Virtual Machine Contributor, ClearDB MySQL DB Contributor, Cognitive Services Contributor, Collaborative Data Contributor, Cosmos DB Account Reader Role, Cosmos DB Operator, Data Box Contributor, Data Box Reader, Data Factory Contributor, Data Lake Analytics Developer, Device Update Administrator, Device Update Content Administrator, Device Update Content Reader, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Reader, DNS Zone Contributor, DocumentDB Account Contributor, EventGrid EventSubscription Contributor, EventGrid EventSubscription Reader, HDInsight Cluster Operator, Integration Service Environment Contributor, Integration Service Environment Developer, Intelligent Systems Account Contributor, Key Vault Administrator (preview), Key Vault Certificates Officer (preview), Key Vault Contributor, Key Vault Crypto Officer (preview), Key Vault Reader (preview), Key Vault Secrets Officer (preview), Kubernetes Cluster - Azure Arc Onboarding, Lab Creator, Logic App Contributor, Logic App Operator, Managed Identity Contributor, Managed Identity Operator, Network Contributor, New Relic APM Account Contributor, Private DNS Zone Contributor, Redis Cache Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), Security Reader, Services Hub Operator, SignalR AccessKey Reader, SignalR Contributor, Site Recovery Contributor, Site Recovery Operator, Site Recovery Reader, SQL DB Contributor, SQL Managed Instance Contributor, SQL Security Manager, SQL Server Contributor, Storage Account Backup Contributor Role, Storage Account Contributor, Support Request Contributor, Tag Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor
Microsoft.Compute/availabilitySets/readGet the properties of an availability set none
Microsoft.Compute/virtualMachines/*/readno description given Virtual Machine Administrator Login, Virtual Machine User Login
Microsoft.Compute/virtualMachines/deallocate/actionPowers off the virtual machine and releases the compute resources none
Microsoft.Compute/virtualMachines/readGet the properties of a virtual machine Avere Operator
Microsoft.Compute/virtualMachines/restart/actionRestarts the virtual machine none
Microsoft.Compute/virtualMachines/start/actionStarts the virtual machine none
Microsoft.DevTestLab/*/readno description given none
Microsoft.DevTestLab/labs/claimAnyVm/actionClaim a random claimable virtual machine in the lab. none
Microsoft.DevTestLab/labs/createEnvironment/actionCreate virtual machines in a lab. none
Microsoft.DevTestLab/labs/ensureCurrentUserProfile/actionEnsure the current user has a valid profile in the lab. none
Microsoft.DevTestLab/labs/formulas/deleteDelete formulas. none
Microsoft.DevTestLab/labs/formulas/readRead formulas. none
Microsoft.DevTestLab/labs/formulas/writeAdd or modify formulas. none
Microsoft.DevTestLab/labs/policySets/evaluatePolicies/actionEvaluates lab policy. none
Microsoft.DevTestLab/labs/virtualMachines/claim/actionTake ownership of an existing virtual machine none
Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/actionGets a string that represents the contents of the RDP file for the virtual machine none
Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/actionLists the applicable start/stop schedules, if any. none
Microsoft.Network/loadBalancers/backendAddressPools/join/actionJoins a load balancer backend address pool. Not Alertable. Virtual Machine Contributor
Microsoft.Network/loadBalancers/inboundNatRules/join/actionJoins a load balancer inbound nat rule. Not Alertable. Virtual Machine Contributor
Microsoft.Network/networkInterfaces/*/readno description given none
Microsoft.Network/networkInterfaces/join/actionJoins a Virtual Machine to a network interface. Not Alertable. none
Microsoft.Network/networkInterfaces/readGets a network interface definition. Avere Operator, Virtual Machine Administrator Login, Virtual Machine User Login
Microsoft.Network/networkInterfaces/writeCreates a network interface or updates an existing network interface. Avere Operator
Microsoft.Network/publicIPAddresses/*/readno description given none
Microsoft.Network/publicIPAddresses/join/actionJoins a public ip address. Not Alertable. Virtual Machine Contributor
Microsoft.Network/publicIPAddresses/readGets a public ip address definition. Virtual Machine Administrator Login, Virtual Machine Contributor, Virtual Machine User Login
Microsoft.Network/virtualNetworks/subnets/join/actionJoins a virtual network. Not Alertable. Avere Contributor, Avere Operator, Virtual Machine Contributor
Microsoft.Resources/deployments/operations/readGets or lists deployment operations. Cognitive Services Contributor, Cognitive Services User, HDInsight Cluster Operator , Logic App Operator
Microsoft.Resources/deployments/readGets or lists deployments. none
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups. API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Operator, Automation Runbook Operator, Avere Contributor, Avere Operator, Azure Arc Enabled Kubernetes Cluster User Role, Azure Arc Kubernetes Admin, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Sentinel Contributor, Azure Sentinel Reader, Azure Sentinel Responder, Backup Contributor, Backup Operator, BizTalk Contributor, Blueprint Contributor, Blueprint Operator, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, Classic Virtual Machine Contributor, ClearDB MySQL DB Contributor, Cognitive Services Contributor, Cognitive Services User, Collaborative Data Contributor, Cosmos DB Account Reader Role, Cosmos DB Operator, Cost Management Contributor, Cost Management Reader, Data Box Contributor, Data Factory Contributor, Data Lake Analytics Developer, Device Update Administrator, Device Update Content Administrator, Device Update Content Reader, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Reader, DNS Zone Contributor, DocumentDB Account Contributor, EventGrid EventSubscription Contributor, EventGrid EventSubscription Reader, Experimentation Administrator, Experimentation Contributor, HDInsight Cluster Operator, Intelligent Systems Account Contributor, Key Vault Administrator (preview), Key Vault Certificates Officer (preview), Key Vault Contributor, Key Vault Crypto Officer (preview), Key Vault Reader (preview), Key Vault Secrets Officer (preview), Kubernetes Cluster - Azure Arc Onboarding, Lab Creator, Logic App Contributor, Logic App Operator, Managed Identity Contributor, Managed Identity Operator, Monitoring Metrics Publisher, Network Contributor, New Relic APM Account Contributor, Private DNS Zone Contributor, Redis Cache Contributor, Reservation Purchaser, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), Security Reader, Services Hub Operator, SignalR AccessKey Reader, SignalR Contributor, Site Recovery Contributor, Site Recovery Operator, SQL DB Contributor, SQL Managed Instance Contributor, SQL Security Manager, SQL Server Contributor, Storage Account Backup Contributor Role, Storage Account Contributor, Support Request Contributor, Tag Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor
Microsoft.Storage/storageAccounts/listKeys/actionReturns the access keys for the specified storage account. Log Analytics Contributor, Logic App Contributor, Reader and Data Access , Storage Account Key Operator Service Role, Virtual Machine Contributor
NotActions
Operation Description Used in other Roles
Microsoft.Compute/virtualMachines/vmSizes/readLists available sizes the virtual machine can be updated to none
DataActions n/a
NotDataActions n/a
Used in Policy none
Json
{
  "Name": "DevTest Labs User",
  "Id": "76283e04-6283-4c54-8f91-bcf1374a3c64",
  "IsCustom": false,
  "Description": "Lets you connect, start, restart, and shutdown your virtual machines in your Azure DevTest Labs.",
  "Actions": [
    "Microsoft.Authorization/*/read",
    "Microsoft.Compute/availabilitySets/read",
    "Microsoft.Compute/virtualMachines/*/read",
    "Microsoft.Compute/virtualMachines/deallocate/action",
    "Microsoft.Compute/virtualMachines/read",
    "Microsoft.Compute/virtualMachines/restart/action",
    "Microsoft.Compute/virtualMachines/start/action",
    "Microsoft.DevTestLab/*/read",
    "Microsoft.DevTestLab/labs/claimAnyVm/action",
    "Microsoft.DevTestLab/labs/createEnvironment/action",
    "Microsoft.DevTestLab/labs/ensureCurrentUserProfile/action",
    "Microsoft.DevTestLab/labs/formulas/delete",
    "Microsoft.DevTestLab/labs/formulas/read",
    "Microsoft.DevTestLab/labs/formulas/write",
    "Microsoft.DevTestLab/labs/policySets/evaluatePolicies/action",
    "Microsoft.DevTestLab/labs/virtualMachines/claim/action",
    "Microsoft.DevTestLab/labs/virtualmachines/listApplicableSchedules/action",
    "Microsoft.DevTestLab/labs/virtualMachines/getRdpFileContents/action",
    "Microsoft.Network/loadBalancers/backendAddressPools/join/action",
    "Microsoft.Network/loadBalancers/inboundNatRules/join/action",
    "Microsoft.Network/networkInterfaces/*/read",
    "Microsoft.Network/networkInterfaces/join/action",
    "Microsoft.Network/networkInterfaces/read",
    "Microsoft.Network/networkInterfaces/write",
    "Microsoft.Network/publicIPAddresses/*/read",
    "Microsoft.Network/publicIPAddresses/join/action",
    "Microsoft.Network/publicIPAddresses/read",
    "Microsoft.Network/virtualNetworks/subnets/join/action",
    "Microsoft.Resources/deployments/operations/read",
    "Microsoft.Resources/deployments/read",
    "Microsoft.Resources/subscriptions/resourceGroups/read",
    "Microsoft.Storage/storageAccounts/listKeys/action"
  ],
  "NotActions": [
    "Microsoft.Compute/virtualMachines/vmSizes/read"
  ],
  "DataActions": [
    
  ],
  "NotDataActions": [
    
  ],
  "AssignableScopes": [
    "/"
  ]
}