AzRoleAdvertizer

last sync: 2023-Nov-30 18:20:43 UTC

Azure RBAC Role definition

Azure Center for SAP solutions service role

Name

Azure Center for SAP solutions service role

aabbc5dd-1af0-458b-a942-81af88f9c138

Description

Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.

CreatedOn

2022-10-03 19:05:48 UTC

UpdatedOn

2023-02-03 07:40:22 UTC

History

Date/Time (UTC ymd) (i)	Change	Change detail
2023-02-03 18:39:00	change: Actions	Actions: 'add Microsoft.Compute/virtualMachines/read; add Microsoft.Compute/virtualMachines/write; add Microsoft.Compute/virtualMachines/instanceView/read; add Microsoft.Compute/availabilitySets/read; add Microsoft.Compute/availabilitySets/write; add Microsoft.Compute/skus/read; add Microsoft.Compute/sshPublicKeys/read; add Microsoft.Compute/virtualMachines/extensions/read; add Microsoft.Compute/virtualMachines/extensions/write; add Microsoft.Compute/virtualMachines/extensions/delete; add Microsoft.Compute/disks/read; add Microsoft.Compute/disks/write'
2023-01-18 18:07:15	change: Actions	Actions: 'add Microsoft.Resources/subscriptions/resourceGroups/write; add Microsoft.Network/loadBalancers/read; add Microsoft.Network/loadBalancers/write; add Microsoft.Network/loadBalancers/backendAddressPools/read; add Microsoft.Network/loadBalancers/backendAddressPools/write; add Microsoft.Network/loadBalancers/frontendIPConfigurations/read; add Microsoft.Network/loadBalancers/loadBalancingRules/read; add Microsoft.Network/loadBalancers/inboundNatRules/read; add Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read; add Microsoft.Network/loadBalancers/networkInterfaces/read; add Microsoft.Network/loadBalancers/outboundRules/read; add Microsoft.Network/loadBalancers/virtualMachines/read; add Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read; add Microsoft.Network/networkInterfaces/read; add Microsoft.Network/networkInterfaces/write; add Microsoft.Network/networkInterfaces/ipconfigurations/read; add Microsoft.Network/networkInterfaces/loadBalancers/read; add Microsoft.Network/virtualNetworks/read; add Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read; add Microsoft.Network/virtualNetworks/subnets/read; add Microsoft.Network/virtualNetworks/subnets/virtualMachines/read; add Microsoft.Network/virtualNetworks/virtualMachines/read; add Microsoft.Network/networkInterfaces/ipconfigurations/join/action; add Microsoft.Network/privateEndpoints/read; add Microsoft.Network/privateEndpoints/write; add Microsoft.Network/networkInterfaces/join/action; add Microsoft.Network/loadBalancers/backendAddressPools/join/action; add Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action; add Microsoft.Network/virtualNetworks/subnets/join/action; add Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action; add Microsoft.Storage/storageAccounts/read; add Microsoft.Storage/storageAccounts/write; add Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action; add Microsoft.Storage/storageAccounts/blobServices/read; add Microsoft.Storage/storageAccounts/blobServices/containers/read; add Microsoft.Storage/storageAccounts/fileServices/read; add Microsoft.Storage/storageAccounts/fileServices/write; add Microsoft.Storage/storageAccounts/fileServices/shares/read; add Microsoft.Storage/storageAccounts/fileServices/shares/write'
2022-11-14 17:43:02	add: Role	aabbc5dd-1af0-458b-a942-81af88f9c138

Permissions summary

Effective control plane and data plane operations: 66 (unique operations)
•action: 11
•delete: 2
•read: 39
•write: 14

Actions: 55
Resolved control plane operations from Actions: 66
Effective control plane operations: 66
•action: 11
•delete: 2
•read: 39
•write: 14

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 14664

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3083

Actions

Operation	Description
Microsoft.Compute/availabilitySets/read	Get the properties of an availability set
Microsoft.Compute/availabilitySets/write	Creates a new availability set or updates an existing one
Microsoft.Compute/disks/read	Get the properties of a Disk
Microsoft.Compute/disks/write	Creates a new Disk or updates an existing one
Microsoft.Compute/skus/read	Gets the list of Microsoft.Compute SKUs available for your Subscription
Microsoft.Compute/sshPublicKeys/read	Get the properties of an SSH public key
Microsoft.Compute/virtualMachines/extensions/delete	Deletes the virtual machine extension
Microsoft.Compute/virtualMachines/extensions/read	Get the properties of a virtual machine extension
Microsoft.Compute/virtualMachines/extensions/write	Creates a new virtual machine extension or updates an existing one
Microsoft.Compute/virtualMachines/instanceView/read	Gets the detailed runtime status of the virtual machine and its resources
Microsoft.Compute/virtualMachines/read	Get the properties of a virtual machine
Microsoft.Compute/virtualMachines/write	Creates a new virtual machine or updates an existing virtual machine
Microsoft.Network/loadBalancers/backendAddressPools/join/action	Joins a load balancer backend address pool. Not Alertable.
Microsoft.Network/loadBalancers/backendAddressPools/read	Gets a load balancer backend address pool definition
Microsoft.Network/loadBalancers/backendAddressPools/write	Creates a load balancer backend address pool or updates an existing load balancer backend address pool
Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action	Joins a Load Balancer Frontend IP Configuration. Not alertable.
Microsoft.Network/loadBalancers/frontendIPConfigurations/read	Gets a load balancer frontend IP configuration definition
Microsoft.Network/loadBalancers/inboundNatRules/read	Gets a load balancer inbound nat rule definition
Microsoft.Network/loadBalancers/loadBalancingRules/read	Gets a load balancer load balancing rule definition
Microsoft.Network/loadBalancers/networkInterfaces/read	Gets references to all the network interfaces under a load balancer
Microsoft.Network/loadBalancers/outboundRules/read	Gets a load balancer outbound rule definition
Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read	no description given
Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read	no description given
Microsoft.Network/loadBalancers/read	Gets a load balancer definition
Microsoft.Network/loadBalancers/virtualMachines/read	Gets references to all the virtual machines under a load balancer
Microsoft.Network/loadBalancers/write	Creates a load balancer or updates an existing load balancer
Microsoft.Network/networkInterfaces/ipconfigurations/join/action	Joins a Network Interface IP Configuration. Not alertable.
Microsoft.Network/networkInterfaces/ipconfigurations/read	Gets a network interface ip configuration definition.
Microsoft.Network/networkInterfaces/join/action	Joins a Virtual Machine to a network interface. Not Alertable.
Microsoft.Network/networkInterfaces/loadBalancers/read	Gets all the load balancers that the network interface is part of
Microsoft.Network/networkInterfaces/read	Gets a network interface definition.
Microsoft.Network/networkInterfaces/write	Creates a network interface or updates an existing network interface.
Microsoft.Network/privateEndpoints/read	Gets an private endpoint resource.
Microsoft.Network/privateEndpoints/write	Creates a new private endpoint, or updates an existing private endpoint.
Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read	Check if Ip Address is available at the specified virtual network
Microsoft.Network/virtualNetworks/read	Get the virtual network definition
Microsoft.Network/virtualNetworks/subnets/join/action	Joins a virtual network. Not Alertable.
Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action	Joins a load balancer to virtual network subnets
Microsoft.Network/virtualNetworks/subnets/read	Gets a virtual network subnet definition
Microsoft.Network/virtualNetworks/subnets/virtualMachines/read	Gets references to all the virtual machines in a virtual network subnet
Microsoft.Network/virtualNetworks/virtualMachines/read	Gets references to all the virtual machines in a virtual network
Microsoft.Resources/deployments/*	wildcarded / no description
Microsoft.Resources/subscriptions/read	取得訂用帳戶的清單。
Microsoft.Resources/subscriptions/resourcegroups/deployments/*	wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/read	取得或列出資源群組。
Microsoft.Resources/subscriptions/resourceGroups/write	建立或更新資源群組。
Microsoft.Storage/storageAccounts/blobServices/containers/read	Returns list of containers
Microsoft.Storage/storageAccounts/blobServices/read	Returns blob service properties or statistics
Microsoft.Storage/storageAccounts/fileServices/read	Get file service properties
Microsoft.Storage/storageAccounts/fileServices/shares/read	List file shares
Microsoft.Storage/storageAccounts/fileServices/shares/write	Create or update file share
Microsoft.Storage/storageAccounts/fileServices/write	Put file service properties
Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action	Approve Private Endpoint Connections
Microsoft.Storage/storageAccounts/read	Returns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Storage/storageAccounts/write	Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.

NotActions

n/a

DataActions

n/a

NotDataActions

n/a

Used in
BuiltIn Policy

none

JSON

api-version=2022-05-01-preview