AzRoleAdvertizer

last sync: 2021-Oct-15 16:53:14 UTC

Azure RBAC Role definition

Azure Connected Machine Resource Administrator

Name Azure Connected Machine Resource Administrator
Microsoft docs

Id cd570a14-e51a-42ad-bac8-bafd67325302

Description Can read, write, delete and re-onboard Azure Connected Machines.

CreatedOn 2019-10-23 20:24:59 UTC

UpdatedOn 2021-06-08 18:14:40 UTC

History

Date/Time (UTC ymd) (i)	Change	Change detail
2021-06-09 16:50:31	change: Actions	Actions: 'add Microsoft.HybridCompute/machines/UpgradeExtensions/action'
2021-04-29 16:55:26	change: Actions	Actions: 'add Microsoft.HybridCompute/machines/extensions/read; add Microsoft.HybridCompute/machines/extensions/delete'
2021-03-24 14:32:47	change: Actions	Actions: 'remove Microsoft.HybridCompute/machines/reconnect/action; add Microsoft.HybridCompute/privateLinkScopes/*'
2019-10-24 02:15:32	add: Role	0a14-e51a-42ad-bac8-bafd67325302

Actions

Operation	Description	Used in other Roles
Microsoft.HybridCompute/*/read	no description given	Hybrid Server Resource Administrator
Microsoft.HybridCompute/machines/delete	Deletes an Azure Arc machines	none
Microsoft.HybridCompute/machines/extensions/delete	Deletes an Azure Arc extensions	none
Microsoft.HybridCompute/machines/extensions/read	Reads any Azure Arc extensions	none
Microsoft.HybridCompute/machines/extensions/write	Installs or Updates an Azure Arc extensions	Log Analytics Contributor
Microsoft.HybridCompute/machines/read	Read any Azure Arc machines	Azure Connected Machine Onboarding, Hybrid Server Onboarding
Microsoft.HybridCompute/machines/UpgradeExtensions/action	Upgrades Extensions on Azure Arc machines	none
Microsoft.HybridCompute/machines/write	Writes an Azure Arc machines	Azure Connected Machine Onboarding, Hybrid Server Onboarding
Microsoft.HybridCompute/privateLinkScopes/*	no description given	none

NotActions n/a

DataActions n/a

NotDataActions n/a

Used in Policy

Policy DisplayName	Policy Id	Category	State
[Preview]: Configure periodic checking for missing system updates on azure Arc-enabled servers	bfea026e-043f-4ff4-9d1b-bf301ca7ff46	Update Management Center	Preview
Configure Azure Arc Private Link Scopes to disable public network access	de0bc8ea-76e2-4fe2-a288-a07556d0e9c4	Azure Arc	GA
Configure Azure Arc Private Link Scopes with private endpoints	d6eeba80-df61-4de5-8772-bc1b7852ba6b	Azure Arc	GA
Configure Azure Arc-enabled servers to use an Azure Arc Private Link Scope	a3461c8c-6c9d-4e42-a644-40ba8a1abf49	Azure Arc	GA

JSON

{
  "Name": "Azure Connected Machine Resource Administrator",
  "Id": "cd570a14-e51a-42ad-bac8-bafd67325302",
  "IsCustom": false,
  "Description": "Can read, write, delete and re-onboard Azure Connected Machines.",
  "Actions": [
    "Microsoft.HybridCompute/machines/read",
    "Microsoft.HybridCompute/machines/write",
    "Microsoft.HybridCompute/machines/delete",
    "Microsoft.HybridCompute/machines/UpgradeExtensions/action",
    "Microsoft.HybridCompute/machines/extensions/read",
    "Microsoft.HybridCompute/machines/extensions/write",
    "Microsoft.HybridCompute/machines/extensions/delete",
    "Microsoft.HybridCompute/privateLinkScopes/*",
    "Microsoft.HybridCompute/*/read"
  ],
  "NotActions": [],
  "DataActions": [],
  "NotDataActions": [],
  "AssignableScopes": [
    "/"
  ]
}