last sync: 2021-Oct-15 16:53:14 UTC

Azure RBAC Role definition

Azure Connected Machine Resource Administrator

NameAzure Connected Machine Resource Administrator
Microsoft docs
Idcd570a14-e51a-42ad-bac8-bafd67325302
DescriptionCan read, write, delete and re-onboard Azure Connected Machines.
CreatedOn2019-10-23 20:24:59 UTC
UpdatedOn2021-06-08 18:14:40 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2021-06-09 16:50:31 change: Actions Actions: 'add Microsoft.HybridCompute/machines/UpgradeExtensions/action'
2021-04-29 16:55:26 change: Actions Actions: 'add Microsoft.HybridCompute/machines/extensions/read; add Microsoft.HybridCompute/machines/extensions/delete'
2021-03-24 14:32:47 change: Actions Actions: 'remove Microsoft.HybridCompute/machines/reconnect/action; add Microsoft.HybridCompute/privateLinkScopes/*'
2019-10-24 02:15:32 add: Role 0a14-e51a-42ad-bac8-bafd67325302
Actions
Operation Description Used in other Roles
Microsoft.HybridCompute/*/readno description given Hybrid Server Resource Administrator
Microsoft.HybridCompute/machines/deleteDeletes an Azure Arc machines none
Microsoft.HybridCompute/machines/extensions/deleteDeletes an Azure Arc extensions none
Microsoft.HybridCompute/machines/extensions/readReads any Azure Arc extensions none
Microsoft.HybridCompute/machines/extensions/writeInstalls or Updates an Azure Arc extensions Log Analytics Contributor
Microsoft.HybridCompute/machines/readRead any Azure Arc machines Azure Connected Machine Onboarding, Hybrid Server Onboarding
Microsoft.HybridCompute/machines/UpgradeExtensions/actionUpgrades Extensions on Azure Arc machines none
Microsoft.HybridCompute/machines/writeWrites an Azure Arc machines Azure Connected Machine Onboarding, Hybrid Server Onboarding
Microsoft.HybridCompute/privateLinkScopes/*no description given none
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in Policy
Policy DisplayName Policy Id Category State
[Preview]: Configure periodic checking for missing system updates on azure Arc-enabled servers bfea026e-043f-4ff4-9d1b-bf301ca7ff46 Update Management Center Preview
Configure Azure Arc Private Link Scopes to disable public network access de0bc8ea-76e2-4fe2-a288-a07556d0e9c4 Azure Arc GA
Configure Azure Arc Private Link Scopes with private endpoints d6eeba80-df61-4de5-8772-bc1b7852ba6b Azure Arc GA
Configure Azure Arc-enabled servers to use an Azure Arc Private Link Scope a3461c8c-6c9d-4e42-a644-40ba8a1abf49 Azure Arc GA
JSON
{
  "Name": "Azure Connected Machine Resource Administrator",
  "Id": "cd570a14-e51a-42ad-bac8-bafd67325302",
  "IsCustom": false,
  "Description": "Can read, write, delete and re-onboard Azure Connected Machines.",
  "Actions": [
    "Microsoft.HybridCompute/machines/read",
    "Microsoft.HybridCompute/machines/write",
    "Microsoft.HybridCompute/machines/delete",
    "Microsoft.HybridCompute/machines/UpgradeExtensions/action",
    "Microsoft.HybridCompute/machines/extensions/read",
    "Microsoft.HybridCompute/machines/extensions/write",
    "Microsoft.HybridCompute/machines/extensions/delete",
    "Microsoft.HybridCompute/privateLinkScopes/*",
    "Microsoft.HybridCompute/*/read"
  ],
  "NotActions": [],
  "DataActions": [],
  "NotDataActions": [],
  "AssignableScopes": [
    "/"
  ]
}