last sync: 2025-Jul-25 17:39:33 UTC

Azure Sphere Contributor

Azure BuiltIn RBAC Role definition

NameAzure Sphere Contributor
Id8b9dfcab-4b77-4632-a6df-94bd07820648
DescriptionAllows user read and write access to Azure Sphere resources.
CategoryNone
CreatedOn2023-05-01 15:11:52 UTC
UpdatedOn2023-05-05 22:39:42 UTC
Permissions summary Effective control plane and data plane operations: 89 (unique operations)
•action: 22
•delete: 9
•read: 48
•write: 10

Actions: 7
Resolved control plane operations from Actions: 89
Effective control plane operations: 89
•action: 22
•delete: 9
•read: 48
•write: 10

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16789

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3579
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.AzureSphere/*wildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.Insights/DiagnosticSettings/*wildcarded / no description
Microsoft.Insights/DiagnosticSettingsCategories/ReadRead diagnostic settings categories
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
none
History
Date/Time (UTC ymd) (i) Change Change detail
2023-05-08 17:44:42 change: Actions Actions: 'add Microsoft.Authorization/*/read; add Microsoft.Resources/deployments/*; add Microsoft.Resources/subscriptions/resourceGroups/read; add Microsoft.Insights/alertRules/*; add Microsoft.Insights/DiagnosticSettings/*; add Microsoft.Insights/DiagnosticSettingsCategories/Read'
2023-05-02 17:41:10 add: Role 8b9dfcab-4b77-4632-a6df-94bd07820648
JSON
api-version=2023-07-01-preview
{9 items
  • roleName: "Azure Sphere Contributor",
  • type: "BuiltInRole",
  • description: "Allows user read and write access to Azure Sphere resources.",
  • assignableScopes: [1 item
    • "/"
    ],
  • permissions: [1 item
    • {4 items
      • actions: [7 items
        • "Microsoft.AzureSphere/*",
        • "Microsoft.Authorization/*/read",
        • "Microsoft.Resources/deployments/*",
        • "Microsoft.Resources/subscriptions/resourceGroups/read",
        • "Microsoft.Insights/alertRules/*",
        • "Microsoft.Insights/DiagnosticSettings/*",
        • "Microsoft.Insights/DiagnosticSettingsCategories/Read"
        ],
      • notActions: [],
      • dataActions: [],
      • notDataActions: []
      }
    ],
  • createdOn: "2023-05-01T15:11:52.6370946Z",
  • updatedOn: "2023-05-05T22:39:42.6328063Z",
  • createdBy: null,
  • updatedBy: null
}
Condition none