last sync: 2024-Jul-16 18:17:52 UTC

SQL DB Contributor

Azure BuiltIn RBAC Role definition

NameSQL DB Contributor
Id9b7fa17d-e63e-47b0-bb0a-15c516ac86ec
DescriptionLets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.
CreatedOn2015-02-02 21:55:09 UTC
UpdatedOn2021-11-11 20:13:53 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2021-06-10 15:19:34 change: NotActions NotActions: 'add Microsoft.Sql/servers/databases/ledgerDigestUploads/write; add Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/action'
2020-10-20 13:29:34 change: NotActions NotActions: 'remove Microsoft.Sql/servers/databases/auditingPolicies/*; remove Microsoft.Sql/servers/databases/connectionPolicies/*'
Permissions summary Effective control plane and data plane operations: 290 (unique operations)
•: 1
•Action: 31
•Delete: 10
•read: 224
•Write: 24

Actions: 11
Resolved control plane operations from Actions: 327
Effective control plane operations: 290
•: 1
•Action: 31
•Delete: 10
•read: 224
•Write: 24

NotActions: 24
Resolved control plane operations from NotActions: 66
Effective denied control plane operations: 15300

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3217
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.Insights/metricDefinitions/readRead metric definitions
Microsoft.Insights/metrics/readRead metrics
Microsoft.ResourceHealth/availabilityStatuses/readGets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Sql/locations/*/readwildcarded / no description
Microsoft.Sql/servers/databases/*wildcarded / no description
Microsoft.Sql/servers/readReturn the list of servers or gets the properties for the specified server.
Microsoft.Support/*wildcarded / no description
NotActions
Operation Description
Microsoft.Sql/managedInstances/databases/currentSensitivityLabels/*wildcarded / no description
Microsoft.Sql/managedInstances/databases/recommendedSensitivityLabels/*wildcarded / no description
Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels/*wildcarded / no description
Microsoft.Sql/managedInstances/databases/securityAlertPolicies/*wildcarded / no description
Microsoft.Sql/managedInstances/databases/sensitivityLabels/*wildcarded / no description
Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/*wildcarded / no description
Microsoft.Sql/managedInstances/securityAlertPolicies/*wildcarded / no description
Microsoft.Sql/managedInstances/vulnerabilityAssessments/*wildcarded / no description
Microsoft.Sql/servers/databases/auditingSettings/*wildcarded / no description
Microsoft.Sql/servers/databases/auditRecords/readRetrieve the database blob audit records
Microsoft.Sql/servers/databases/currentSensitivityLabels/*wildcarded / no description
Microsoft.Sql/servers/databases/dataMaskingPolicies/*wildcarded / no description
Microsoft.Sql/servers/databases/extendedAuditingSettings/*wildcarded / no description
Microsoft.Sql/servers/databases/ledgerDigestUploads/disable/actionDisable uploading ledger digests
Microsoft.Sql/servers/databases/ledgerDigestUploads/writeEnable uploading ledger digests
Microsoft.Sql/servers/databases/recommendedSensitivityLabels/*wildcarded / no description
Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels/*wildcarded / no description
Microsoft.Sql/servers/databases/securityAlertPolicies/*wildcarded / no description
Microsoft.Sql/servers/databases/securityMetrics/*wildcarded / no description
Microsoft.Sql/servers/databases/sensitivityLabels/*wildcarded / no description
Microsoft.Sql/servers/databases/vulnerabilityAssessments/*wildcarded / no description
Microsoft.Sql/servers/databases/vulnerabilityAssessmentScans/*wildcarded / no description
Microsoft.Sql/servers/databases/vulnerabilityAssessmentSettings/*wildcarded / no description
Microsoft.Sql/servers/vulnerabilityAssessments/*wildcarded / no description
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
Policy DisplayName Policy Id Category State
Deploy SQL DB transparent data encryption 86a912f6-9a06-4e26-b447-11b16ba8659f SQL GA
JSON
api-version=2023-07-01-preview
Condition none