last sync: 2024-Mar-27 18:49:34 UTC

Contributor

Azure BuiltIn RBAC Role definition

NameContributor
Idb24988ac-6180-42a0-ab88-20f7382dd24c
DescriptionGrants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.
CreatedOn2015-02-02 21:55:09 UTC
UpdatedOn2023-07-07 20:27:50 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2023-07-10 18:02:27 change: Description, NotActions New Description: 'Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.'
Old Description: 'Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC.',
NotActions: 'add Microsoft.Purview/consents/write; add Microsoft.Purview/consents/delete'
2020-11-11 15:02:47 change: NotActions NotActions: 'add Microsoft.Compute/galleries/share/action'
Permissions summary Effective control plane and data plane operations: 15177 (unique operations)
•: 1
•action: 3384
•delete: 2292
•read: 6638
•write: 2862

Actions: 1
Resolved control plane operations from Actions: 15214
Effective control plane operations: 15177
•: 1
•action: 3384
•delete: 2292
•read: 6638
•write: 2862

NotActions: 8
Resolved control plane operations from NotActions: 37
Effective denied control plane operations: 37

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3104
Actions
Operation Description
*wildcarded / no description
NotActions
Operation Description
Microsoft.Authorization/*/Deletewildcarded / no description
Microsoft.Authorization/*/Writewildcarded / no description
Microsoft.Authorization/elevateAccess/ActionGrants the caller User Access Administrator access at the tenant scope
Microsoft.Blueprint/blueprintAssignments/deleteDelete any blueprint artifacts
Microsoft.Blueprint/blueprintAssignments/writeCreate or update any blueprint artifacts
Microsoft.Compute/galleries/share/actionShares a Gallery to different scopes
Microsoft.Purview/consents/deleteDelete the Consent Resource.
Microsoft.Purview/consents/writeCreate or Update a Consent Resource.
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
Policy DisplayName Policy Id Category State
[Deprecated]: Configure Arc machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent 3b1a8e0a-b2e1-48be-9365-28be2fbef550 Security Center Deprecated
[Deprecated]: Configure Arc machines to create the Microsoft Defender for Cloud user-defined pipeline using Azure Monitor Agent aba46665-c3a7-4319-ace1-a0282deebac2 Security Center Deprecated
[Deprecated]: Configure machines to create the Microsoft Defender for Cloud user-defined pipeline using Azure Monitor Agent c15c5978-ab6e-4599-a1c3-90a7918f5371 Security Center Deprecated
[Deprecated]: Configure virtual machines to be onboarded to Azure Automanage 270610db-8c04-438a-a739-e8e6745b22d3 Automanage Deprecated
[Deprecated]: Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent 8b5ad9ab-3d44-4a6e-9ac3-75b04ea5fd28 Security Center Deprecated
[Deprecated]: Deploy prerequisites to audit Linux VMs that allow remote connections from accounts without passwords ec49586f-4939-402d-a29e-6ff502b20592 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Linux VMs that do not have the passwd file permissions set to 0644 f19aa1c1-6b91-4c27-ae6a-970279f03db9 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Linux VMs that do not have the specified applications installed 4d1c04de-2172-403f-901b-90608c35c721 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Linux VMs that have accounts without passwords 3470477a-b35a-49db-aca5-1073d04524fe Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Linux VMs that have the specified applications installed 884b209a-963b-4520-8006-d20cb3c213e0 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows Server VMs on which Windows Serial Console is not enabled 7a031c68-d6ab-406e-a506-697a19c634b0 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - Control Panel' ec7ac234-2af5-4729-94d2-c557c071799d Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - MSS (Legacy)' f1f4825d-58fb-4257-8016-8c00e3c9ed9d Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - Network' 985285b7-b97a-419c-8d48-c88cc934c8d8 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Administrative Templates - System' 40917425-69db-4018-8dae-2a0556cef899 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Accounts' e5b81f87-9185-4224-bf00-9f505e9f89f3 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Audit' 498b810c-59cd-4222-9338-352ba146ccf3 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Devices' 6481cc21-ed6e-4480-99dd-ea7c5222e897 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Interactive Logon' 3750712b-43d0-478e-9966-d2c26f6141b9 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Microsoft Network Client' bbcdd8fa-b600-4ee3-85b8-d184e3339652 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Microsoft Network Server' 86880e5c-df35-43c5-95ad-7e120635775e Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Network Access' f56a3ab2-89d1-44de-ac0d-2ada5962e22a Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Network Security' 36e17963-7202-494a-80c3-f508211c826b Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Recovery console' ddc0a4d5-5e08-43d5-9fd9-b586d8d7116b Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - Shutdown' 1f8c20ce-3414-4496-8b26-0e902a1541da Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - System objects' 12ae2d24-3805-4b37-9fa9-465968bfbcfa Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - System settings' 437a1f8f-8552-47a8-8b12-a2fee3269dd5 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Options - User Account Control' e425e402-a050-45e5-b010-bd3f934589fc Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Security Settings - Account Policies' e3d95ab7-f47a-49d8-a347-784177b6c94c Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Account Logon' c1e289c0-ffad-475d-a924-adc058765d65 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Account Management' 0a9991e6-21be-49f9-8916-a06d934bcf29 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Detailed Tracking' 42a07bbf-ffcf-459a-b4b1-30ecd118a505 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Logon-Logoff' c04255ee-1b9f-42c1-abaa-bf1553f79930 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Object Access' 8e170edb-e0f5-497a-bb36-48b3280cec6a Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Policy Change' 97b595c8-fd10-400e-8543-28e2b9138b13 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - Privilege Use' ce2370f6-0ac5-4d85-8ab4-10721cc640b0 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'System Audit Policies - System' f8b0158d-4766-490f-bea0-259e52dba473 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'User Rights Assignment' 815dcc9f-6662-43f2-9a03-1b83e9876f24 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Components' 7040a231-fb65-4412-8c0a-b365f4866c24 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs configurations in 'Windows Firewall Properties' 909c958d-1b99-4c74-b88f-46a5c5bc34f9 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group contains any of the specified members 144f1397-32f9-4598-8c88-118decc3ccba Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group doesn't contain all the specified members 93507a81-10a4-4af0-9ee2-34cf25a96e98 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group doesn't contain only specified members b821191b-3a12-44bc-9c38-212138a29ff3 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs on which the DSC configuration is not compliant d38b4c26-9d2e-47d7-aefe-18d859a8706a Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs on which the Log Analytics agent is not connected as expected 68511db2-bd02-41c4-ae6b-1900a012968a Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs on which the remote connection status does not match the specified one 5bb36dda-8a78-4df9-affd-4f05a8612a8a Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs on which the specified services are not installed and 'Running' 32b1e4d4-6cd5-47b4-a935-169da8a5c262 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs on which Windows Defender Exploit Guard is not enabled 6a7a2bcf-f9be-4e35-9734-4f9657a70f1d Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that allow re-use of the previous 24 passwords 726671ac-c4de-4908-8c7d-6043ae62e3b6 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that are not joined to the specified domain 315c850a-272d-4502-8935-b79010405970 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that are not set to the specified time zone c21f7060-c148-41cf-a68b-0ab3e14c764c Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that contain certificates expiring within the specified number of days c5fbc59e-fb6f-494f-81e2-d99a671bdaa8 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not contain the specified certificates in Trusted Root 106ccbe4-a791-4f33-a44a-06796944b8d5 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not have a maximum password age of 70 days 356a906e-05e5-4625-8729-90771e0ee934 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not have a minimum password age of 1 day 16390df4-2f73-4b42-af13-c801066763df Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not have the password complexity setting enabled 7ed40801-8a0f-4ceb-85c0-9fd25c1d61a8 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not have the specified applications installed 12f7e5d0-42a7-4630-80d8-54fb7cff9bd6 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not have the specified Windows PowerShell execution policy e0efc13a-122a-47c5-b817-2ccfe5d12615 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not have the specified Windows PowerShell modules installed 90ba2ee7-4ca8-4673-84d1-c851c50d3baf Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not restrict the minimum password length to 14 characters 23020aa6-1135-4be2-bae2-149982b06eca Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that do not store passwords using reversible encryption 8ff0b18b-262e-4512-857a-48ad0aeb9a78 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that have not restarted within the specified number of days f4b245d4-46c9-42be-9b1a-49e2b5b94194 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs that have the specified applications installed f0633351-c7b2-41ff-9981-508fc08553c2 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows VMs with a pending reboot c96f3246-4382-4264-bf6b-af0b35e23c3c Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to audit Windows web servers that are not using secure communication protocols b2fc8f91-866d-4434-9089-5ebfe38d6fd8 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to enable Guest Configuration Policy on Linux VMs. fb27e9e0-526e-4ae1-89f2-a2a0bf0f8a50 Guest Configuration Deprecated
[Deprecated]: Deploy prerequisites to enable Guest Configuration Policy on Windows VMs. 0ecd903d-91e7-4726-83d3-a229d7f2e293 Guest Configuration Deprecated
[Preview]: Add user-assigned managed identity to enable Guest Configuration assignments on virtual machines f40c7c00-b4e3-4068-a315-5fe81347a904 Guest Configuration Preview
[Preview]: Assign Built-In User-Assigned Managed Identity to Virtual Machine Scale Sets 516187d4-ef64-4a1b-ad6b-a7348502976c Managed Identity Preview
[Preview]: Assign Built-In User-Assigned Managed Identity to Virtual Machines d367bd60-64ca-4364-98ea-276775bddd94 Managed Identity Preview
[Preview]: Configure Azure Arc enabled Kubernetes clusters to install Microsoft Defender for Cloud extension 708b60a6-d253-4fe0-9114-4be4c00f012c Kubernetes Preview
[Preview]: Configure Azure Arc-enabled Linux machines with Log Analytics agents connected to default Log Analytics workspace bacd7fca-1938-443d-aad6-a786107b1bfb Monitoring Preview
[Preview]: Configure Azure Arc-enabled Windows machines with Log Analytics agents connected to default Log Analytics workspace 594c1276-f44f-482d-9910-71fac2ce5ae0 Monitoring Preview
[Preview]: Configure Azure Defender for SQL agent on virtual machine 2ada9901-073c-444a-9a9a-91865174f0aa Security Center Preview
[Preview]: Deploy Microsoft Defender for Endpoint agent on Linux hybrid machines 4eb909e7-6d64-656d-6465-2eeb297a1625 Security Center Preview
[Preview]: Deploy Microsoft Defender for Endpoint agent on Linux virtual machines d30025d0-6d64-656d-6465-67688881b632 Security Center Preview
[Preview]: Deploy Microsoft Defender for Endpoint agent on Windows Azure Arc machines 37c043a6-6d64-656d-6465-b362dfeb354a Security Center Preview
[Preview]: Deploy Microsoft Defender for Endpoint agent on Windows virtual machines 1ec9c2c2-6d64-656d-6465-3ec3309b8579 Security Center Preview
[Preview]: Enable system-assigned identity to SQL VM 7148a409-0d59-4baa-925b-b3aae486a14e SQL Server Preview
Add a tag to resource groups 726aca4c-86e9-4b04-b0c5-073027359532 Tags GA
Add a tag to resources 4f9dc7db-30c1-420c-b61a-e1d640128d26 Tags GA
Add or replace a tag on resource groups d157c373-a6c4-483d-aaad-570756956268 Tags GA
Add or replace a tag on resources 5ffd78d9-436d-4b41-a421-5baa819e3008 Tags GA
Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities 3cf2ab00-13f1-4d0c-8971-2ac904541a7e Guest Configuration GA
Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity 497dff13-db2a-4c0f-8603-28fa3b331ab6 Guest Configuration GA
Configure Advanced Threat Protection to be enabled on Azure database for MariaDB servers a6cf7411-da9e-49e2-aec0-cba0250eaf8c SQL GA
Configure Advanced Threat Protection to be enabled on Azure database for MySQL servers 80ed5239-4122-41ed-b54a-6f1fa7552816 SQL GA
Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL flexible servers 2a6ae02f-7590-40d7-88ba-b18e205a32fd Security Center GA
Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers db048e65-913c-49f9-bb5f-1084184671d3 SQL GA
Configure App Configuration stores to disable local authentication methods 72bc14af-4ab8-43af-b4e4-38e7983f9a1f App Configuration GA
Configure App Configuration to disable public network access 73290fa2-dfa7-4bbb-945d-a5e23b75df2c App Configuration GA
Configure Arc-enabled SQL Servers to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace da0fd392-9669-4ad4-b32c-ca46aaa6c21f Security Center GA
Configure Arc-enabled SQL Servers to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace 63d03cbd-47fd-4ee1-8a1c-9ddf07303de0 Security Center GA
Configure Azure Automation account to disable local authentication 30d1d58e-8f96-47a5-8564-499a3f3cca81 Automation GA
Configure Azure Automation accounts to disable public network access 23b36a7c-9d26-4288-a8fd-c1d2fa284d8c Automation GA
Configure Azure Databricks Workspaces with private endpoints 09210db3-d32c-4b2b-b4e1-f72ae920eb11 Azure Databricks GA
Configure Azure Device Update for IoT Hub accounts to disable public network access 27573ebe-7ef3-4472-a8e1-33aef9ea65c5 Internet of Things GA
Configure Azure Device Update for IoT Hub accounts to use private DNS zones a222b93a-e6c2-4c01-817f-21e092455b2a Internet of Things GA
Configure Azure Device Update for IoT Hub accounts with private endpoint 5b9d063f-c5fd-4750-a489-1258d1fefcbf Internet of Things GA
Configure Azure File Sync with private endpoints b35dddd9-daf7-423b-8375-5a5b86806d5a Storage GA
Configure Azure HDInsight clusters with private endpoints 2676090a-4baf-46ac-9085-4ac02cc50e3e HDInsight GA
Configure Azure IoT Hub to disable local authentication 9f8ba900-a70f-486e-9ffc-faf907305376 Internet of Things GA
Configure Azure Kubernetes Service clusters to enable Defender profile 64def556-fbad-4622-930e-72d1d5589bf5 Kubernetes GA
Configure Azure Machine Learning Computes to disable local authentication methods a6f9a2d0-cff7-4855-83ad-4cd750666512 Machine Learning GA
Configure Azure Machine Learning Workspaces to disable public network access a10ee784-7409-4941-b091-663697637c0f Machine Learning GA
Configure Azure Managed Grafana dashboards with private endpoints bc33de80-97cd-4c11-b6b4-d075e03c7d60 Managed Grafana GA
Configure Azure Managed Grafana workspaces to disable public network access 67529aa1-5285-4b1c-8e6f-5ccd861ac98e Managed Grafana GA
Configure Azure Monitor Private Link Scope to block access to non private link resources bec5db8e-c4e3-40f9-a545-e0bd00065c82 Monitoring GA
Configure Azure Monitor Private Link Scopes with private endpoints e8185402-357b-4768-8058-f620bc0ae6b5 Monitoring GA
Configure Azure Synapse Workspace Dedicated SQL minimum TLS version 8b5c654c-fb07-471b-aa8f-15fea733f140 Synapse GA
Configure Azure Synapse workspaces to disable public network access 5c8cad01-ef30-4891-b230-652dadb4876a Synapse GA
Configure Azure Synapse workspaces with private endpoints 3b3b0c27-08d2-4b32-879d-19930bee3266 Synapse GA
Configure Azure Virtual Desktop hostpools with private endpoints 7b331e6b-6096-4395-a754-758a64505f19 Desktop Virtualization GA
Configure Azure Virtual Desktop workspaces with private endpoints 02aa841c-42e8-492f-a43d-1f2c67e58d41 Desktop Virtualization GA
Configure Batch accounts to disable local authentication 4dbc2f5c-51cf-4e38-9179-c7028eed2274 Batch GA
Configure Batch accounts to disable public network access c520cefc-285f-40f3-86e2-2efc38ef1f64 Batch GA
Configure Batch accounts with private endpoints 0ef5aac7-c064-427a-b87b-d47b3ddcaf73 Batch GA
Configure Cognitive Services accounts to disable local authentication methods 14de9e63-1b31-492e-a5a3-c3f7fd57f555 Cognitive Services GA
Configure Cognitive Services accounts to disable public network access 47ba1dd7-28d9-4b07-a8d5-9813bed64e0c Cognitive Services GA
Configure container registries to disable anonymous authentication. cced2946-b08a-44fe-9fd9-e4ed8a779897 Container Registry GA
Configure container registries to disable ARM audience token authentication. 785596ed-054f-41bc-aaec-7f3d0ba05725 Container Registry GA
Configure container registries to disable local admin account. 79fdfe03-ffcb-4e55-b4d0-b925b8241759 Container Registry GA
Configure Container registries to disable public network access a3701552-92ea-433e-9d17-33b7f1208fc9 Container Registry GA
Configure container registries to disable repository scoped access token. a9b426fe-8856-4945-8600-18c5dd1cca2a Container Registry GA
Configure Container registries with private endpoints d85c6833-7d33-4cf5-a915-aaa2de84405f Container Registry GA
Configure CosmosDB accounts to disable public network access da69ba51-aaf1-41e5-8651-607cd0b37088 Cosmos DB GA
Configure CosmosDB accounts with private endpoints b609e813-3156-4079-91fa-a8494c1471c4 Cosmos DB GA
Configure disk access resources with private endpoints 582bd7a6-a5f6-4dc6-b9dc-9cb81fe0d4c5 Compute GA
Configure installation of Flux extension on Kubernetes cluster f9175d5f-abc8-1dc3-bd3c-5d7476ada3d1 Kubernetes GA
Configure IoT Hub device provisioning instances to use private DNS zones aaa64d2d-2fa3-45e5-b332-0b031b9b30e8 Internet of Things GA
Configure IoT Hub device provisioning service instances to disable public network access 859dfc91-ea35-43a6-8256-31271c363794 Internet of Things GA
Configure IoT Hub device provisioning service instances with private endpoints 9b75ea5b-c796-4c99-aaaf-21c204daac43 Internet of Things GA
Configure Kubernetes clusters with Flux v2 configuration using Bucket source and secrets in KeyVault 5174c1db-ca42-e0d4-b320-4f1cf6a1fa93 Kubernetes GA
Configure Kubernetes clusters with Flux v2 configuration using Git repository and HTTPS CA Certificate 2630c91f-8a20-8f43-14a2-2485b648e2a9 Kubernetes GA
Configure Kubernetes clusters with Flux v2 configuration using Git repository and HTTPS secrets bf1a31be-3b79-5ba8-c9e0-9a8c9ad9f749 Kubernetes GA
Configure Kubernetes clusters with Flux v2 configuration using Git repository and local secrets b6c7fd52-4723-5f4d-a157-3d39bd16a1d7 Kubernetes GA
Configure Kubernetes clusters with Flux v2 configuration using Git repository and SSH secrets 9e980dca-f3e1-8da3-6717-ad37b1ca6b27 Kubernetes GA
Configure Kubernetes clusters with Flux v2 configuration using public Git repository 83ea2fd1-9eaf-2f6d-f672-cd7b2ac798f6 Kubernetes GA
Configure Kubernetes clusters with specified Flux v2 Bucket source using local secrets b8c1d6c1-6137-97c6-9c34-d4627e54ca26 Kubernetes GA
Configure Kubernetes clusters with specified GitOps configuration using HTTPS secrets a6f560f4-f582-4b67-b123-a37dcd1bf7ea Kubernetes GA
Configure Kubernetes clusters with specified GitOps configuration using no secrets 1d61c4d2-aef2-432b-87fc-7f96b019b7e1 Kubernetes GA
Configure Kubernetes clusters with specified GitOps configuration using SSH secrets c050047b-b21b-4822-8a2d-c1e37c3c0c6a Kubernetes GA
Configure Log Analytics workspace and automation account to centralize logs and monitoring 8e3e61b3-0b32-22d5-4edf-55f87fdb5955 Monitoring GA
Configure managed disks to disable public network access 8426280e-b5be-43d9-979e-653d12a08638 Compute GA
Configure network security groups to enable traffic analytics e920df7f-9a64-4066-9b58-52684c02a091 Network GA
Configure network security groups to use specific workspace, storage account and flowlog retention policy for traffic analytics 5e1cd26a-5090-4fdb-9d6a-84a90335e22d Network GA
Configure Packet Core Control Plane diagnostic access to use authentication type Microsoft EntraID 7508b186-60e2-4518-bf70-3d7fbaba1f3a Mobile Network GA
Configure periodic checking for missing system updates on azure virtual machines 59efceea-0c96-497e-a4a1-4eb2290dac15 Azure Update Manager GA
Configure private endpoint connections on Azure Automation accounts c0c3130e-7dda-4187-aed0-ee4a472eaa60 Automation GA
Configure private endpoints for App Configuration 614ffa75-862c-456e-ad8b-eaa1b0844b07 App Configuration GA
Configure Private Link for Azure AD with private endpoints b923afcf-4c3a-4ed6-8386-1ff64b68de47 Azure Active Directory GA
Configure secure communication protocols(TLS 1.1 or TLS 1.2) on Windows machines 828ba269-bf7f-4082-83dd-633417bc391d Guest Configuration GA
Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace c859b78a-a128-4376-a838-e97ce6625d16 Security Center GA
Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace 04754ef9-9ae3-4477-bf17-86ef50026304 Security Center GA
Configure subscriptions to set up preview features e624c84f-2923-4437-9fd9-4115c6da3888 General GA
Configure Synapse Workspaces to use only Microsoft Entra identities for authentication 738949be-6fd2-46b9-b969-99b53712b192 Synapse GA
Configure Synapse Workspaces to use only Microsoft Entra identities for authentication during workspace creation c3624673-d2ff-48e0-b28c-5de1c6767c3c Synapse GA
Configure the Microsoft Defender for SQL Log Analytics workspace 242300d6-1bfc-4d64-8d01-cee583709ebd Security Center GA
Configure virtual machines to be onboarded to Azure Automanage f889cab7-da27-4c41-a3b0-de1f6f87c550 Automanage GA
Configure virtual machines to be onboarded to Azure Automanage with Custom Configuration Profile b025cfb4-3702-47c2-9110-87fe0cfcc99b Automanage GA
Configure virtual network to enable Flow Log and Traffic Analytics 3e9965dc-cc13-47ca-8259-a4252fd0cf7b Network GA
Configure virtual networks to use specific workspace, storage account and retention interval for Flow logs and Traffic Analytics 052c180e-287d-44c3-86ef-01aeae2d9774 Network GA
Create and assign a built-in user-assigned managed identity 09963c90-6ee7-4215-8d26-1cc660a1682f Security Center GA
Deploy - Configure Azure IoT Hubs to use private DNS zones c99ce9c1-ced7-4c3e-aca0-10e69ce0cb02 Internet of Things GA
Deploy - Configure Azure IoT Hubs with private endpoints bf684997-3909-404e-929c-d4a38ed23b2e Internet of Things GA
Deploy - Configure diagnostic settings to an Event Hub to be enabled on Azure Key Vault Managed HSM a6d2c800-5230-4a40-bff3-8268b4987d42 Key Vault GA
Deploy - Configure IoT Central to use private DNS zones d627d7c6-ded5-481a-8f2e-7e16b1e6faf6 Internet of Things GA
Deploy - Configure IoT Central with private endpoints c854b0f0-02d0-4f94-9b42-fd175fbd4d49 Internet of Things GA
Deploy a flow log resource with target network security group 0db34a60-64f4-4bf6-bd44-f95c16cf34b9 Network GA
Deploy a Flow Log resource with target virtual network cd6f7aff-2845-4dab-99f2-6d1754a754b0 Network GA
Deploy associations for a custom provider c15c281f-ea5c-44cd-90b8-fc3c14d13f0c Custom Provider GA
Deploy associations for a managed application 17763ad9-70c0-4794-9397-53d765932634 Managed Application GA
Deploy Diagnostic Settings for Azure SQL Database to Event Hub 9a7c7a7d-49e5-4213-bea8-6a502b6272e0 SQL GA
Deploy Diagnostic Settings for Batch Account to Event Hub db51110f-0865-4a6e-b274-e2e07a5b2cd7 Monitoring GA
Deploy Diagnostic Settings for Data Lake Analytics to Event Hub 4daddf25-4823-43d4-88eb-2419eb6dcc08 Monitoring GA
Deploy Diagnostic Settings for Data Lake Storage Gen1 to Event Hub e8d096bc-85de-4c5f-8cfb-857bd1b9d62d Monitoring GA
Deploy Diagnostic Settings for Event Hub to Event Hub ef7b61ef-b8e4-4c91-8e78-6946c6b0023f Monitoring GA
Deploy Diagnostic Settings for Key Vault to Event Hub ed7c8c13-51e7-49d1-8a43-8490431a0da2 Key Vault GA
Deploy Diagnostic Settings for Logic Apps to Event Hub a1dae6c7-13f3-48ea-a149-ff8442661f60 Monitoring GA
Deploy Diagnostic Settings for Search Services to Event Hub 3d5da587-71bd-41f5-ac95-dd3330c2d58d Monitoring GA
Deploy Diagnostic Settings for Service Bus to Event Hub 6b51af03-9277-49a9-a3f8-1c69c9ff7403 Monitoring GA
Deploy Diagnostic Settings for Stream Analytics to Event Hub edf3780c-3d70-40fe-b17e-ab72013dafca Monitoring GA
Deploy export to Event Hub as a trusted service for Microsoft Defender for Cloud data af9f6c70-eb74-4189-8d15-e4f11a7ebfd4 Security Center GA
Deploy export to Event Hub for Microsoft Defender for Cloud data cdfcce10-4578-4ecd-9703-530938e4abcb Security Center GA
Deploy export to Log Analytics workspace for Microsoft Defender for Cloud data ffb6f416-7bd2-4488-8828-56585fef2be9 Security Center GA
Deploy Planned Maintenance to schedule and control upgrades for your Azure Kubernetes Service (AKS) cluster e1352e44-d34d-4e4d-a22e-451a15f759a1 Kubernetes GA
Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs 331e8ea8-378a-410f-a2e5-ae22f38bb0da Guest Configuration GA
Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs 385f5831-96d4-41db-9a3c-cd3af78aaae6 Guest Configuration GA
Deploy Workflow Automation for Microsoft Defender for Cloud alerts f1525828-9a90-4fcf-be48-268cdd02361e Security Center GA
Deploy Workflow Automation for Microsoft Defender for Cloud recommendations 73d6ab6c-2475-4850-afd6-43795f3492ef Security Center GA
Deploy Workflow Automation for Microsoft Defender for Cloud regulatory compliance 509122b9-ddd9-47ba-a5f1-d0dac20be63c Security Center GA
Enable Security Center's auto provisioning of the Log Analytics agent on your subscriptions with custom workspace. 8e7da0a5-0a0e-4bbc-bfc0-7773c018b616 Security Center GA
Enable Security Center's auto provisioning of the Log Analytics agent on your subscriptions with default workspace. 6df2fee6-a9ed-4fef-bced-e13be1b25f1c Security Center GA
Inherit a tag from the resource group cd3aa116-8754-49c9-a813-ad46512ece54 Tags GA
Inherit a tag from the resource group if missing ea3f2387-9b95-492a-a190-fcdc54f7b070 Tags GA
Inherit a tag from the subscription b27a0cbd-a167-4dfa-ae64-4337be671140 Tags GA
Inherit a tag from the subscription if missing 40df99da-1232-49b1-a39a-6da8d878f469 Tags GA
Modify - Configure Azure File Sync to disable public network access 0e07b2e9-6cd9-4c40-9ccb-52817b95133b Storage GA
Modify - Configure Azure IoT Hubs to disable public network access 114eec6e-5e59-4bad-999d-6eceeb39d582 Internet of Things GA
Modify - Configure IoT Central to disable public network access d02e48d5-28d9-40d3-8ab8-301932a6f9cb Internet of Things GA
Modify API Management to disable username and password authentication 1b0d74ac-4b43-4c39-a15f-594385adc38d API Management GA
Protect your data with authentication requirements when exporting or uploading to a disk or snapshot. c3921d55-b741-4d16-8d56-7f16e99e6892 Compute GA
Schedule recurring updates using Azure Update Manager ba0df93e-e4ac-479a-aac2-134bbae39a1a Azure Update Manager GA
JSON
api-version=2022-05-01-preview
Condition none