AzRoleAdvertizer

last sync: 2020-Sep-30 14:32:33 UTC

Azure Role

Reader and Data Access

Role Name Reader and Data Access

Role Id c12c1c16-33a1-487b-954d-41c89c60f349

Role Description Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.

Role Changes no changes

Actions

Operation	Description	Used in other Role(s)
Microsoft.Storage/storageAccounts/listKeys/action	Returns the access keys for the specified storage account.	DevTest Labs User, Log Analytics Contributor, Logic App Contributor , Storage Account Key Operator Service Role, Virtual Machine Contributor
Microsoft.Storage/storageAccounts/ListAccountSas/action	Returns the Account SAS token for the specified storage account.
Microsoft.Storage/storageAccounts/read	Returns the list of storage accounts or gets the properties for the specified storage account.	Backup Contributor, Backup Operator, Logic App Contributor , Site Recovery Contributor, Site Recovery Operator, Virtual Machine Contributor

NotActions

DataActions

NotDataActions

Used in Policy

Role Definition (Json)

{
  "Name": "Reader and Data Access",
  "Id": "c12c1c16-33a1-487b-954d-41c89c60f349",
  "IsCustom": false,
  "Description": "Lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.",
  "Actions": [
    "Microsoft.Storage/storageAccounts/listKeys/action",
    "Microsoft.Storage/storageAccounts/ListAccountSas/action",
    "Microsoft.Storage/storageAccounts/read"
  ],
  "NotActions": [
    
  ],
  "DataActions": [
    
  ],
  "NotDataActions": [
    
  ],
  "AssignableScopes": [
    "/"
  ]
}

Azure Role

Reader and Data Access

Popular