last sync: 2020-Aug-05 13:05:28 UTC

Azure Role

Key Vault Crypto Service Encryption (preview)

Role Name Key Vault Crypto Service Encryption (preview)
Role Id e147488a-f6f5-4113-8e2d-b22465e65bf6
Role Description Can read metadata of keys and perform wrap/unwrap operations.
Role Changes
Date/Time (UTC ymd) (i) Change Change detail
2020-05-21 16:07:05 add: Role e147488a-f6f5-4113-8e2d-b22465e65bf6
Actions
NotActions
DataActions
Operation Description Used in other Role(s)
Microsoft.KeyVault/vaults/keys/read List keys in the specified vault, or read properties and public material of a key. For asymmetric keys, this operation exposes public key and includes ability to perform public key algorithms such as encrypt and verify signature. Private keys and symmetric keys are never exposed. Key Vault Crypto User (preview)
Microsoft.KeyVault/vaults/keys/wrap/action Wrap a symmetric key with a Key Vault key. Note that if the Key Vault key is asymmetric, this operation can be performed with read access. Key Vault Crypto User (preview)
Microsoft.KeyVault/vaults/keys/unwrap/action Unwrap a symmetric key with a Key Vault key. Key Vault Crypto User (preview)
NotDataActions
Used in Policy
Role Definition (Json)
{
  "Name": "Key Vault Crypto Service Encryption (preview)",
  "Id": "e147488a-f6f5-4113-8e2d-b22465e65bf6",
  "IsCustom": false,
  "Description": "Can read metadata of keys and perform wrap/unwrap operations.",
  "Actions": [
    
  ],
  "NotActions": [
    
  ],
  "DataActions": [
    "Microsoft.KeyVault/vaults/keys/read",
    "Microsoft.KeyVault/vaults/keys/wrap/action",
    "Microsoft.KeyVault/vaults/keys/unwrap/action"
  ],
  "NotDataActions": [
    
  ],
  "AssignableScopes": [
    "/"
  ]
}