last sync: 2023-Nov-30 18:20:43 UTC

Azure RBAC Role definition

API Management Service Operator Role

NameAPI Management Service Operator Role
Microsoft Learn
DescriptionCan manage service but not the APIs
CreatedOn2016-11-09 00:03:42 UTC
UpdatedOn2021-11-11 20:13:11 UTC
Permissions summary Effective control plane and data plane operations: 222 (unique operations)
•action: 16
•delete: 3
•read: 199
•write: 4

Actions: 15
Resolved control plane operations from Actions: 223
Effective control plane operations: 222
•action: 16
•delete: 3
•read: 199
•write: 4

NotActions: 1
Resolved control plane operations from NotActions: 1
Effective denied control plane operations: 14508

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3083
Operation Description
Microsoft.ApiManagement/service/*/readwildcarded / no description
Microsoft.ApiManagement/service/backup/actionBackup API Management Service to the specified container in a user provided storage account
Microsoft.ApiManagement/service/deleteDelete API Management Service instance
Microsoft.ApiManagement/service/managedeployments/actionChange SKU/units, add/remove regional deployments of API Management Service
Microsoft.ApiManagement/service/readRead metadata for an API Management Service instance
Microsoft.ApiManagement/service/restore/actionRestore API Management Service from the specified container in a user provided storage account
Microsoft.ApiManagement/service/updatecertificate/actionUpload SSL certificate for an API Management Service
Microsoft.ApiManagement/service/updatehostname/actionSetup, update or remove custom domain names for an API Management Service
Microsoft.ApiManagement/service/writeCreate or Update API Management Service instance
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.ResourceHealth/availabilityStatuses/readGets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Support/*wildcarded / no description
Operation Description
Microsoft.ApiManagement/service/users/keys/readGet keys associated with user
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy