AzRoleAdvertizer

last sync: 2025-May-30 17:23:17 UTC

Storage File Delegator

Azure BuiltIn RBAC Role definition

Name

Storage File Delegator

765a04e0-5de8-4bb2-9bf6-b2a30bc03e91

Description

Allows for generation of a user delegation key, which can then be used to create a shared access signature for a file or Azure file share that is signed with Entra ID credentials.

Category

None

CreatedOn

2025-05-22 21:44:23 UTC

UpdatedOn

2025-05-22 21:44:23 UTC

Permissions summary

Effective control plane and data plane operations: 1 (unique operations)
•action: 1

Actions: 1
Resolved control plane operations from Actions: 1
Effective control plane operations: 1
•action: 1

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16582

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3558

Actions

Operation	Description
Microsoft.Storage/storageAccounts/fileServices/generateUserDelegationKey/action	Returns a user delegation key for the file service

NotActions

n/a

DataActions

n/a

NotDataActions

n/a

Used in
BuiltIn Policy

none

History

Date/Time (UTC ymd) (i)	Change	Change detail
2025-05-23 18:27:00	add: Role	765a04e0-5de8-4bb2-9bf6-b2a30bc03e91

JSON

api-version=2023-07-01-preview

Condition

none