| Name | Azure AI Account Owner | ||||||||||||||||||||||||||||||||||||||||||
| Id | e47c6f54-e4a2-4754-9501-8e0985b135e1 | ||||||||||||||||||||||||||||||||||||||||||
| Description | Grants full access to manage AI projects and accounts. Grants conditional assignment of the Azure AI User role to other user principles. | ||||||||||||||||||||||||||||||||||||||||||
| Category | None | ||||||||||||||||||||||||||||||||||||||||||
| CreatedOn | 2025-05-01 00:11:10 UTC | ||||||||||||||||||||||||||||||||||||||||||
| UpdatedOn | 2025-05-01 00:11:10 UTC | ||||||||||||||||||||||||||||||||||||||||||
| Permissions summary | Effective control plane and data plane operations: 188 (unique operations) •: 1 •action: 30 •delete: 27 •read: 100 •write: 30 Actions: 20 Resolved control plane operations from Actions: 188 Effective control plane operations: 188 •: 1 •action: 30 •delete: 27 •read: 100 •write: 30 NotActions: 0 Resolved control plane operations from NotActions: 0 Effective denied control plane operations: 17188 DataActions: 0 Resolved data plane operations: 0 Effective data plane operations: 0 NotDataActions: 0 Resolved data plane operations from NotDataActions: 0 Effective denied data plane operations: 4081 |
||||||||||||||||||||||||||||||||||||||||||
| Actions |
|
||||||||||||||||||||||||||||||||||||||||||
| NotActions | n/a | ||||||||||||||||||||||||||||||||||||||||||
| DataActions | n/a | ||||||||||||||||||||||||||||||||||||||||||
| NotDataActions | n/a | ||||||||||||||||||||||||||||||||||||||||||
| Used in BuiltIn Policy |
none | ||||||||||||||||||||||||||||||||||||||||||
| History |
|
||||||||||||||||||||||||||||||||||||||||||
| JSON |
|
||||||||||||||||||||||||||||||||||||||||||
| Condition |
( ( ! ( ActionMatches { 'Microsoft.Authorization/roleAssignments/write' } ) ) OR ( @Request[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals { 53ca6127-db72-4b80-b1b0-d745d6d5456d (Azure AI User) } ) ) AND ( ( ! ( ActionMatches { 'Microsoft.Authorization/roleAssignments/delete' } ) ) OR ( @Resource[Microsoft.Authorization/roleAssignments:RoleDefinitionId] ForAnyOfAnyValues:GuidEquals { 53ca6127-db72-4b80-b1b0-d745d6d5456d (Azure AI User) } ) ) |