AzRoleAdvertizer

last sync: 2025-Aug-11 17:27:29 UTC

Azure Stack HCI Device Management Role

Azure BuiltIn RBAC Role definition

NameAzure Stack HCI Device Management Role
Microsoft Learn
Id865ae368-6a45-4bd1-8fbf-0d5151f56fc1
DescriptionMicrosoft.AzureStackHCI Device Management Role
CategoryHybrid + multicloud
Microsoft Learn
CreatedOn2023-10-10 15:19:13 UTC
UpdatedOn2025-02-11 16:14:17 UTC
Permissions summary Effective control plane and data plane operations: 70 (unique operations)
•Action: 15
•Delete: 11
•read: 30
•Write: 14

Actions: 36
Resolved control plane operations from Actions: 70
Effective control plane operations: 70
•Action: 15
•Delete: 11
•read: 30
•Write: 14

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16957

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3583
Actions
Operation Description
Microsoft.Authorization/roleassignments/readGet information about a role assignment.
Microsoft.AzureStackHCI/Clusters/*wildcarded / no description
Microsoft.AzureStackHCI/DevicePools/*/readwildcarded / no description
Microsoft.AzureStackHCI/EdgeDevices/*wildcarded / no description
Microsoft.AzureStackHCI/EdgeMachines/*/readwildcarded / no description
Microsoft.AzureStackHCI/Register/Actionno description given
Microsoft.AzureStackHCI/StorageContainers/ReadGets/Lists storage containers resource
Microsoft.AzureStackHCI/StorageContainers/WriteCreates/Updates storage containers resource
Microsoft.ExtendedLocation/customLocations/deleteDeletes Custom Location resource
Microsoft.ExtendedLocation/customLocations/deploy/actionDeploy permissions to a Custom Location resource
Microsoft.ExtendedLocation/customLocations/readGets an Custom Location resource
Microsoft.ExtendedLocation/customLocations/writeCreates or Updates Custom Location resource
Microsoft.GuestConfiguration/guestConfigurationAssignments/readGet guest configuration assignment.
Microsoft.HybridContainerService/kubernetesVersions/readLists the supported kubernetes versions from the underlying custom location
Microsoft.HybridContainerService/kubernetesVersions/writePuts the kubernetes version resource type
Microsoft.HybridContainerService/register/actionRegister the subscription for Microsoft.HybridContainerService
Microsoft.HybridContainerService/skus/readLists the supported VM SKUs from the underlying custom location
Microsoft.HybridContainerService/skus/writePuts the VM SKUs resource type
Microsoft.KubernetesConfiguration/extensions/deleteDeletes extension instance resource.
Microsoft.KubernetesConfiguration/extensions/operations/readGets Async Operation status.
Microsoft.KubernetesConfiguration/extensions/readGets extension instance resource.
Microsoft.KubernetesConfiguration/extensions/writeCreates or updates extension resource.
Microsoft.KubernetesConfiguration/namespaces/readGet Namespace Resource
Microsoft.KubernetesConfiguration/operations/readGets available operations of the Microsoft.KubernetesConfiguration resource provider.
Microsoft.ResourceConnector/appliances/deleteDeletes Appliance resource
Microsoft.ResourceConnector/appliances/listClusterUserCredential/actionGet an appliance cluster user credential
Microsoft.ResourceConnector/appliances/listKeys/actionGet an appliance cluster customer user keys
Microsoft.ResourceConnector/appliances/readGets an Appliance resource
Microsoft.ResourceConnector/appliances/upgradeGraphs/readGets the upgrade graph of Appliance cluster
Microsoft.ResourceConnector/appliances/writeCreates or Updates Appliance resource
Microsoft.ResourceConnector/locations/operationresults/readGet result of Appliance operation
Microsoft.ResourceConnector/locations/operationsstatus/readGet result of Appliance operation
Microsoft.ResourceConnector/operations/readGets list of Available Operations for Appliances
Microsoft.ResourceConnector/telemetryconfig/readGet Appliances telemetry config utilized by Appliances CLI
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2025-02-11 20:59:11 change: Actions Actions: 'add Microsoft.AzureStackHCI/DevicePools/*/read; add Microsoft.AzureStackHCI/EdgeMachines/*/read; add Microsoft.HybridContainerService/register/action; add Microsoft.HybridContainerService/kubernetesVersions/read; add Microsoft.HybridContainerService/kubernetesVersions/write; add Microsoft.HybridContainerService/skus/read; add Microsoft.HybridContainerService/skus/write; add Microsoft.Authorization/roleassignments/read; add Microsoft.AzureStackHCI/StorageContainers/Write; add Microsoft.AzureStackHCI/StorageContainers/Read; add Microsoft.AzureStackHCI/Register/Action; add Microsoft.GuestConfiguration/guestConfigurationAssignments/read; add Microsoft.KubernetesConfiguration/extensions/write; add Microsoft.KubernetesConfiguration/extensions/read; add Microsoft.KubernetesConfiguration/extensions/delete; add Microsoft.KubernetesConfiguration/extensions/operations/read; add Microsoft.KubernetesConfiguration/namespaces/read; add Microsoft.KubernetesConfiguration/operations/read; add Microsoft.ResourceConnector/appliances/read; add Microsoft.ResourceConnector/appliances/write; add Microsoft.ResourceConnector/appliances/delete; add Microsoft.ResourceConnector/locations/operationresults/read; add Microsoft.ResourceConnector/locations/operationsstatus/read; add Microsoft.ResourceConnector/appliances/listClusterUserCredential/action; add Microsoft.ResourceConnector/appliances/listKeys/action; add Microsoft.ResourceConnector/appliances/upgradeGraphs/read; add Microsoft.ResourceConnector/telemetryconfig/read; add Microsoft.ResourceConnector/operations/read; add Microsoft.ExtendedLocation/customLocations/deploy/action; add Microsoft.ExtendedLocation/customLocations/read; add Microsoft.ExtendedLocation/customLocations/write; add Microsoft.ExtendedLocation/customLocations/delete'
2023-10-30 19:02:12 change: Actions Actions: 'add Microsoft.Resources/subscriptions/resourceGroups/read'
2023-10-17 16:35:42 add: Role 865ae368-6a45-4bd1-8fbf-0d5151f56fc1
JSON
api-version=2023-07-01-preview
 
{9 items
  • roleName: "Azure Stack HCI Device Management Role",
  • type: "BuiltInRole",
  • description: "Microsoft.AzureStackHCI Device Management Role",
  • assignableScopes: [1 item
    • "/"
    ],
  • permissions: [1 item
    • {4 items
      • actions: [36 items
        • "Microsoft.AzureStackHCI/Clusters/*",
        • "Microsoft.AzureStackHCI/EdgeDevices/*",
        • "Microsoft.AzureStackHCI/DevicePools/*/read",
        • "Microsoft.AzureStackHCI/EdgeMachines/*/read",
        • "Microsoft.Resources/subscriptions/resourceGroups/read",
        • "Microsoft.HybridContainerService/register/action",
        • "Microsoft.HybridContainerService/kubernetesVersions/read",
        • "Microsoft.HybridContainerService/kubernetesVersions/write",
        • "Microsoft.HybridContainerService/skus/read",
        • "Microsoft.HybridContainerService/skus/write",
        • "Microsoft.Authorization/roleassignments/read",
        • "Microsoft.Resources/subscriptions/resourceGroups/read",
        • "Microsoft.AzureStackHCI/StorageContainers/Write",
        • "Microsoft.AzureStackHCI/StorageContainers/Read",
        • "Microsoft.AzureStackHCI/Register/Action",
        • "Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
        • "Microsoft.KubernetesConfiguration/extensions/write",
        • "Microsoft.KubernetesConfiguration/extensions/read",
        • "Microsoft.KubernetesConfiguration/extensions/delete",
        • "Microsoft.KubernetesConfiguration/extensions/operations/read",
        • "Microsoft.KubernetesConfiguration/namespaces/read",
        • "Microsoft.KubernetesConfiguration/operations/read",
        • "Microsoft.ResourceConnector/appliances/read",
        • "Microsoft.ResourceConnector/appliances/write",
        • "Microsoft.ResourceConnector/appliances/delete",
        • "Microsoft.ResourceConnector/locations/operationresults/read",
        • "Microsoft.ResourceConnector/locations/operationsstatus/read",
        • "Microsoft.ResourceConnector/appliances/listClusterUserCredential/action",
        • "Microsoft.ResourceConnector/appliances/listKeys/action",
        • "Microsoft.ResourceConnector/appliances/upgradeGraphs/read",
        • "Microsoft.ResourceConnector/telemetryconfig/read",
        • "Microsoft.ResourceConnector/operations/read",
        • "Microsoft.ExtendedLocation/customLocations/deploy/action",
        • "Microsoft.ExtendedLocation/customLocations/read",
        • "Microsoft.ExtendedLocation/customLocations/write",
        • "Microsoft.ExtendedLocation/customLocations/delete"
        ],
      • notActions: [],
      • dataActions: [],
      • notDataActions: []
      }
    ],
  • createdOn: "2023-10-10T15:19:13.4820522Z",
  • updatedOn: "2025-02-11T16:14:17.6124295Z",
  • createdBy: null,
  • updatedBy: null
}
Condition none