last sync: 2024-May-24 18:02:49 UTC

Disk Snapshot Contributor

Azure BuiltIn RBAC Role definition

NameDisk Snapshot Contributor
Id7efff54f-a5b4-42b5-a1c5-5411624893ce
DescriptionProvides permission to backup vault to manage disk snapshots.
CreatedOn2020-12-15 12:18:51 UTC
UpdatedOn2021-11-11 20:14:56 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2021-01-06 16:06:44 change: Actions Actions: 'add Microsoft.Storage/storageAccounts/listkeys/action; add Microsoft.Storage/storageAccounts/write; add Microsoft.Storage/storageAccounts/read; add Microsoft.Storage/storageAccounts/delete'
2020-12-18 16:05:51 change: Actions Actions: 'add Microsoft.Compute/snapshots/delete; add Microsoft.Compute/snapshots/write; add Microsoft.Compute/snapshots/read; add Microsoft.Compute/snapshots/beginGetAccess/action; add Microsoft.Compute/snapshots/endGetAccess/action; add Microsoft.Compute/disks/beginGetAccess/action'
2020-12-15 16:36:19 add: Role 7efff54f-a5b4-42b5-a1c5-5411624893ce
Permissions summary Effective control plane and data plane operations: 38 (unique operations)
•action: 4
•delete: 2
•read: 30
•write: 2

Actions: 12
Resolved control plane operations from Actions: 38
Effective control plane operations: 38
•action: 4
•delete: 2
•read: 30
•write: 2

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15612

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3160
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Compute/disks/beginGetAccess/actionGet the SAS URI of the Disk for blob access
Microsoft.Compute/snapshots/beginGetAccess/actionGet the SAS URI of the Snapshot for blob access
Microsoft.Compute/snapshots/deleteDelete a Snapshot
Microsoft.Compute/snapshots/endGetAccess/actionRevoke the SAS URI of the Snapshot
Microsoft.Compute/snapshots/readGet the properties of a Snapshot
Microsoft.Compute/snapshots/writeCreate a new Snapshot or update an existing one
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Storage/storageAccounts/deleteDeletes an existing storage account.
Microsoft.Storage/storageAccounts/listkeys/actionReturns the access keys for the specified storage account.
Microsoft.Storage/storageAccounts/readReturns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Storage/storageAccounts/writeCreates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
none
JSON
api-version=2023-07-01-preview
Condition none