last sync: 2020-Sep-18 14:08:07 UTC

Azure Role

Avere Operator

Role Name Avere Operator
Role Id c025889f-8102-4ebf-b32c-fc0c6f0c6bd9
Role Description Used by the Avere vFXT cluster to manage the cluster
Role Changes no changes
Actions
Operation Description Used in other Role(s)
Microsoft.Compute/virtualMachines/read Get the properties of a virtual machine DevTest Labs User
Microsoft.Network/networkInterfaces/read Gets a network interface definition. DevTest Labs User, Virtual Machine Administrator Login, Virtual Machine User Login
Microsoft.Network/networkInterfaces/write Creates a network interface or updates an existing network interface. DevTest Labs User
Microsoft.Network/virtualNetworks/read Get the virtual network definition Avere Contributor, Backup Contributor, Backup Operator , Site Recovery Contributor, Site Recovery Operator, Virtual Machine Administrator Login, Virtual Machine User Login, Virtual Machine Contributor, Private DNS Zone Contributor
Microsoft.Network/virtualNetworks/subnets/read Gets a virtual network subnet definition Avere Contributor
Microsoft.Network/virtualNetworks/subnets/join/action Joins a virtual network. Not Alertable. Avere Contributor, DevTest Labs User, Virtual Machine Contributor
Microsoft.Network/networkSecurityGroups/join/action Joins a network security group. Not Alertable. Avere Contributor, Virtual Machine Contributor
Microsoft.Resources/subscriptions/resourceGroups/read Gets or lists resource groups. API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Runbook Operator, Automation Operator, Avere Contributor, Backup Contributor, Backup Operator, BizTalk Contributor, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, ClearDB MySQL DB Contributor, Classic Virtual Machine Contributor, Cognitive Services User, Cognitive Services Contributor, Cosmos DB Account Reader Role, Cost Management Contributor, Cost Management Reader, Data Box Contributor, Data Factory Contributor, Data Lake Analytics Developer, DevTest Labs User, DocumentDB Account Contributor, DNS Zone Contributor, EventGrid EventSubscription Contributor, EventGrid EventSubscription Reader, Intelligent Systems Account Contributor, Key Vault Contributor, Lab Creator, Logic App Operator, Logic App Contributor, Managed Identity Operator, Managed Identity Contributor, Monitoring Metrics Publisher, Network Contributor, New Relic APM Account Contributor, Redis Cache Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), Security Reader, Site Recovery Contributor, Site Recovery Operator, SQL Managed Instance Contributor, SQL DB Contributor, SQL Security Manager, Storage Account Contributor, SQL Server Contributor, Support Request Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor, HDInsight Cluster Operator, Cosmos DB Operator, Private DNS Zone Contributor, Blueprint Contributor, Blueprint Operator, Azure Sentinel Contributor, Azure Sentinel Responder, Azure Sentinel Reader, SignalR AccessKey Reader, SignalR Contributor, Kubernetes Cluster - Azure Arc Onboarding, Experimentation Contributor, Experimentation Administrator, Tag Contributor, Key Vault Administrator (preview), Key Vault Crypto Officer (preview), Key Vault Secrets Officer (preview), Key Vault Certificates Officer (preview), Key Vault Reader (preview), Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Arc Enabled Kubernetes Cluster User Role, Collaborative Data Contributor, Device Update Reader, Device Update Administrator, Device Update Content Administrator, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Content Reader
Microsoft.Storage/storageAccounts/blobServices/containers/delete Returns the result of deleting a container Storage Blob Data Contributor
Microsoft.Storage/storageAccounts/blobServices/containers/read Returns list of containers Storage Blob Data Contributor, Storage Blob Data Reader
Microsoft.Storage/storageAccounts/blobServices/containers/write Returns the result of put blob container Storage Blob Data Contributor
NotActions
DataActions
Operation Description Used in other Role(s)
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete Returns the result of deleting a blob Avere Contributor, Storage Blob Data Contributor
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read Returns a blob or a list of blobs Avere Contributor, Storage Blob Data Contributor, Storage Blob Data Reader
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write Returns the result of writing a blob Avere Contributor, Storage Blob Data Contributor
NotDataActions
Used in Policy
Role Definition (Json)
{
  "Name": "Avere Operator",
  "Id": "c025889f-8102-4ebf-b32c-fc0c6f0c6bd9",
  "IsCustom": false,
  "Description": "Used by the Avere vFXT cluster to manage the cluster",
  "Actions": [
    "Microsoft.Compute/virtualMachines/read",
    "Microsoft.Network/networkInterfaces/read",
    "Microsoft.Network/networkInterfaces/write",
    "Microsoft.Network/virtualNetworks/read",
    "Microsoft.Network/virtualNetworks/subnets/read",
    "Microsoft.Network/virtualNetworks/subnets/join/action",
    "Microsoft.Network/networkSecurityGroups/join/action",
    "Microsoft.Resources/subscriptions/resourceGroups/read",
    "Microsoft.Storage/storageAccounts/blobServices/containers/delete",
    "Microsoft.Storage/storageAccounts/blobServices/containers/read",
    "Microsoft.Storage/storageAccounts/blobServices/containers/write"
  ],
  "NotActions": [
    
  ],
  "DataActions": [
    "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
    "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
    "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
  ],
  "NotDataActions": [
    
  ],
  "AssignableScopes": [
    "/"
  ]
}