AzRoleAdvertizer

last sync: 2024-Jul-26 18:17:46 UTC

Azure Arc ScVmm Administrator role

Azure BuiltIn RBAC Role definition

NameAzure Arc ScVmm Administrator role
Ida92dfd61-77f9-4aec-a531-19858b406c87
DescriptionArc ScVmm VM Administrator has permissions to perform all ScVmm actions.
CreatedOn2022-04-13 21:33:11 UTC
UpdatedOn2023-10-06 09:06:44 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2023-10-09 18:04:57 change: Actions Actions: 'add Microsoft.HybridCompute/machines/read; add Microsoft.HybridCompute/machines/write; add Microsoft.HybridCompute/machines/delete; add Microsoft.HybridCompute/machines/UpgradeExtensions/action; add Microsoft.HybridCompute/machines/assessPatches/action; add Microsoft.HybridCompute/machines/installPatches/action; add Microsoft.HybridCompute/machines/extensions/read; add Microsoft.HybridCompute/machines/extensions/write; add Microsoft.HybridCompute/machines/extensions/delete; add Microsoft.HybridCompute/operations/read; add Microsoft.HybridCompute/locations/operationresults/read; add Microsoft.HybridCompute/locations/operationstatus/read; add Microsoft.HybridCompute/machines/patchAssessmentResults/read; add Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read; add Microsoft.HybridCompute/machines/patchInstallationResults/read; add Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read; add Microsoft.HybridCompute/locations/updateCenterOperationResults/read; add Microsoft.HybridCompute/machines/hybridIdentityMetadata/read; add Microsoft.HybridCompute/osType/agentVersions/read; add Microsoft.HybridCompute/osType/agentVersions/latest/read; add Microsoft.HybridCompute/machines/runcommands/read; add Microsoft.HybridCompute/machines/runcommands/write; add Microsoft.HybridCompute/machines/runcommands/delete; add Microsoft.HybridCompute/machines/licenseProfiles/read; add Microsoft.HybridCompute/machines/licenseProfiles/write; add Microsoft.HybridCompute/machines/licenseProfiles/delete; add Microsoft.HybridCompute/licenses/read; add Microsoft.HybridCompute/licenses/write; add Microsoft.HybridCompute/licenses/delete'
2023-05-22 17:42:39 change: Actions Actions: 'add Microsoft.ExtendedLocation/customLocations/Read; add Microsoft.ExtendedLocation/customLocations/deploy/action'
2022-05-05 21:31:23 add: Role a92dfd61-77f9-4aec-a531-19858b406c87
Permissions summary Effective control plane and data plane operations: 124 (unique operations)
•action: 23
•delete: 16
•read: 68
•write: 17

Actions: 57
Resolved control plane operations from Actions: 124
Effective control plane operations: 124
•action: 23
•delete: 16
•read: 68
•write: 17

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15504

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3219
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.ExtendedLocation/customLocations/deploy/actionDeploy permissions to a Custom Location resource
Microsoft.ExtendedLocation/customLocations/ReadGets an Custom Location resource
Microsoft.HybridCompute/licenses/deleteDeletes an Azure Arc licenses
Microsoft.HybridCompute/licenses/readReads any Azure Arc licenses
Microsoft.HybridCompute/licenses/writeInstalls or Updates an Azure Arc licenses
Microsoft.HybridCompute/locations/operationresults/readReads the status of an operation on Microsoft.HybridCompute Resource Provider
Microsoft.HybridCompute/locations/operationstatus/readReads the status of an operation on Microsoft.HybridCompute Resource Provider
Microsoft.HybridCompute/locations/updateCenterOperationResults/readReads the status of an update center operation on machines
Microsoft.HybridCompute/machines/assessPatches/actionAssesses any Azure Arc machines to get missing software patches
Microsoft.HybridCompute/machines/deleteDeletes an Azure Arc machines
Microsoft.HybridCompute/machines/extensions/deleteDeletes an Azure Arc extensions
Microsoft.HybridCompute/machines/extensions/readReads any Azure Arc extensions
Microsoft.HybridCompute/machines/extensions/writeInstalls or Updates an Azure Arc extensions
Microsoft.HybridCompute/machines/hybridIdentityMetadata/readRead any Azure Arc machines's Hybrid Identity Metadata
Microsoft.HybridCompute/machines/installPatches/actionInstalls patches on any Azure Arc machines
Microsoft.HybridCompute/machines/licenseProfiles/deleteDeletes an Azure Arc licenseProfiles
Microsoft.HybridCompute/machines/licenseProfiles/readReads any Azure Arc licenseProfiles
Microsoft.HybridCompute/machines/licenseProfiles/writeInstalls or Updates an Azure Arc licenseProfiles
Microsoft.HybridCompute/machines/patchAssessmentResults/readReads any Azure Arc patchAssessmentResults
Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/readReads any Azure Arc patchAssessmentResults/softwarePatches
Microsoft.HybridCompute/machines/patchInstallationResults/readReads any Azure Arc patchInstallationResults
Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/readReads any Azure Arc patchInstallationResults/softwarePatches
Microsoft.HybridCompute/machines/readRead any Azure Arc machines
Microsoft.HybridCompute/machines/runcommands/deleteDeletes an Azure Arc runcommands
Microsoft.HybridCompute/machines/runcommands/readReads any Azure Arc runcommands
Microsoft.HybridCompute/machines/runcommands/writeInstalls or Updates an Azure Arc runcommands
Microsoft.HybridCompute/machines/UpgradeExtensions/actionUpgrades Extensions on Azure Arc machines
Microsoft.HybridCompute/machines/writeWrites an Azure Arc machines
Microsoft.HybridCompute/operations/readRead all Operations for Azure Arc for Servers
Microsoft.HybridCompute/osType/agentVersions/latest/readno description given
Microsoft.HybridCompute/osType/agentVersions/readno description given
Microsoft.Insights/AlertRules/Activated/ActionClassic metric alert activated
Microsoft.Insights/AlertRules/DeleteDelete a classic metric alert
Microsoft.Insights/AlertRules/Incidents/ReadRead a classic metric alert incident
Microsoft.Insights/AlertRules/ReadRead a classic metric alert
Microsoft.Insights/AlertRules/Resolved/ActionClassic metric alert resolved
Microsoft.Insights/AlertRules/Throttled/ActionClassic metric alert rule throttled
Microsoft.Insights/AlertRules/WriteCreate or update a classic metric alert
Microsoft.ResourceHealth/availabilityStatuses/readGets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/cancel/actionCancels a deployment.
Microsoft.Resources/deployments/deleteDeletes a deployment.
Microsoft.Resources/deployments/exportTemplate/actionExport template for a deployment
Microsoft.Resources/deployments/operations/readGets or lists deployment operations.
Microsoft.Resources/deployments/operationstatuses/readGets or lists deployment operation statuses.
Microsoft.Resources/deployments/readGets or lists deployments.
Microsoft.Resources/deployments/validate/actionValidates an deployment.
Microsoft.Resources/deployments/whatIf/actionPredicts template deployment changes.
Microsoft.Resources/deployments/writeCreates or updates an deployment.
Microsoft.Resources/subscriptions/operationresults/readGet the subscription operation results.
Microsoft.Resources/subscriptions/readGets the list of subscriptions.
Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/readGets or lists deployment operations.
Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/readGets or lists deployment operation statuses.
Microsoft.Resources/subscriptions/resourcegroups/deployments/readGets or lists deployments.
Microsoft.Resources/subscriptions/resourcegroups/deployments/writeCreates or updates an deployment.
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.ScVmm/*wildcarded / no description
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2023-07-01-preview
Condition none