AzRoleAdvertizer

last sync: 2025-Apr-29 17:15:48 UTC

VM Restore Operator

Azure BuiltIn RBAC Role definition

NameVM Restore Operator
Microsoft Learn
Iddfce8971-25e3-42e3-ba33-6055438e3080
DescriptionCreate and Delete resources during VM Restore. This role is in preview and subject to change.
CategoryCompute
Microsoft Learn
CreatedOn2024-07-03 15:20:29 UTC
UpdatedOn2024-07-03 15:20:29 UTC
Permissions summary Effective control plane and data plane operations: 88 (unique operations)
•action: 14
•delete: 9
•read: 55
•write: 10

Actions: 41
Resolved control plane operations from Actions: 84
Effective control plane operations: 84
•action: 13
•delete: 8
•read: 54
•write: 9

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16406

DataActions: 4
Resolved data plane operations: 4
Effective data plane operations: 4
•action: 1
•delete: 1
•read: 1
•write: 1

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3367
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Compute/disks/beginGetAccess/actionGet the SAS URI of the Disk for blob access
Microsoft.Compute/disks/deleteDeletes the Disk
Microsoft.Compute/disks/endGetAccess/actionRevoke the SAS URI of the Disk
Microsoft.Compute/disks/readGet the properties of a Disk
Microsoft.Compute/disks/writeCreates a new Disk or updates an existing one
Microsoft.Compute/locations/diskOperations/readGets the status of an asynchronous Disk operation
Microsoft.Compute/virtualMachines/deleteDeletes the virtual machine
Microsoft.Compute/virtualMachines/extensions/deleteDeletes the virtual machine extension
Microsoft.Compute/virtualMachines/extensions/readGet the properties of a virtual machine extension
Microsoft.Compute/virtualMachines/extensions/writeCreates a new virtual machine extension or updates an existing one
Microsoft.Compute/virtualMachines/instanceView/readGets the detailed runtime status of the virtual machine and its resources
Microsoft.Compute/virtualMachines/readGet the properties of a virtual machine
Microsoft.Compute/virtualMachines/writeCreates a new virtual machine or updates an existing virtual machine
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.Network/locations/operationResults/readGets operation result of an async POST or DELETE operation
Microsoft.Network/locations/operations/readGets operation resource that represents status of an asynchronous operation
Microsoft.Network/locations/usages/readGets the resources usage metrics
Microsoft.Network/networkInterfaces/deleteDeletes a network interface
Microsoft.Network/networkInterfaces/ipconfigurations/readGets a network interface ip configuration definition.
Microsoft.Network/networkInterfaces/join/actionJoins a Virtual Machine to a network interface. Not Alertable.
Microsoft.Network/networkInterfaces/readGets a network interface definition.
Microsoft.Network/networkInterfaces/writeCreates a network interface or updates an existing network interface.
Microsoft.Network/networkSecurityGroups/readGets a network security group definition
Microsoft.Network/networkSecurityGroups/securityRules/readGets a security rule definition
Microsoft.Network/publicIPAddresses/deleteDeletes a public Ip address.
Microsoft.Network/publicIPAddresses/join/actionJoins a public ip address. Not Alertable.
Microsoft.Network/publicIPAddresses/readGets a public ip address definition.
Microsoft.Network/publicIPAddresses/writeCreates a public Ip address or updates an existing public Ip address.
Microsoft.Network/virtualNetworks/readGet the virtual network definition
Microsoft.Network/virtualNetworks/subnets/join/actionJoins a virtual network. Not Alertable.
Microsoft.Network/virtualNetworks/subnets/readGets a virtual network subnet definition
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Storage/checkNameAvailability/readChecks that account name is valid and is not in use.
Microsoft.Storage/storageAccounts/blobServices/containers/deleteReturns the result of deleting a container
Microsoft.Storage/storageAccounts/blobServices/containers/readReturns list of containers
Microsoft.Storage/storageAccounts/blobServices/containers/writeReturns the result of put blob container
Microsoft.Storage/storageAccounts/listKeys/actionReturns the access keys for the specified storage account.
Microsoft.Storage/storageAccounts/readReturns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Storage/storageAccounts/writeCreates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.
NotActions n/a
DataActions
Operation Description
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/actionReturns the result of adding blob content
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/deleteReturns the result of deleting a blob
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/readReturns a blob or a list of blobs
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/writeReturns the result of writing a blob
NotDataActions n/a
Used in
BuiltIn Policy		 none
History
Date/Time (UTC ymd) (i) Change Change detail
2024-07-03 18:20:57 add: Role dfce8971-25e3-42e3-ba33-6055438e3080
JSON
api-version=2023-07-01-preview
Condition none