last sync: 2024-Oct-10 19:11:36 UTC

Key Vault Certificates Officer

Azure BuiltIn RBAC Role definition

NameKey Vault Certificates Officer
Ida4417e6f-fecd-4de8-b567-7b0420556985
DescriptionPerform any action on the certificates of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model.
CreatedOn2020-05-19 17:52:47 UTC
UpdatedOn2023-06-09 18:51:51 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2023-06-12 17:45:13 change: DisplayName, DataActions New DisplayName: 'Key Vault Certificates Officer'
Old DisplayName: 'Key Vault Certificates Officer (preview)',
DataActions: 'add Microsoft.KeyVault/vaults/certificatecontacts/write'
2020-05-19 20:42:36 add: Role a4417e6f-fecd-4de8-b567-7b0420556985
Permissions summary Effective control plane and data plane operations: 87 (unique operations)
•: 1
•Action: 17
•Delete: 4
•read: 60
•Write: 5

Actions: 10
Resolved control plane operations from Actions: 74
Effective control plane operations: 74
•: 1
•Action: 10
•Delete: 2
•read: 58
•Write: 3

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15736

DataActions: 3
Resolved data plane operations: 13
Effective data plane operations: 13
•action: 7
•delete: 2
•read: 2
•write: 2

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3170
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.KeyVault/checkNameAvailability/readChecks that a key vault name is valid and is not in use
Microsoft.KeyVault/deletedVaults/readView the properties of soft deleted key vaults
Microsoft.KeyVault/locations/*/readwildcarded / no description
Microsoft.KeyVault/operations/readLists operations available on Microsoft.KeyVault resource provider
Microsoft.KeyVault/vaults/*/readwildcarded / no description
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Support/*wildcarded / no description
NotActions n/a
DataActions
Operation Description
Microsoft.KeyVault/vaults/certificatecas/*wildcarded / no description
Microsoft.KeyVault/vaults/certificatecontacts/writeManage Certificate Contact
Microsoft.KeyVault/vaults/certificates/*wildcarded / no description
NotDataActions n/a
Used in
BuiltIn Policy
none
JSON
api-version=2023-07-01-preview
Condition none