| Id | DisplayName | Description | Details (UTC ymd) (i) |
|---|---|---|---|
| 60fc6e62-5479-42d4-8bf4-67625fcc2840 | Disk Pool Operator | Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool. | 2021-09-14 15:45:54
add Role |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR REST API Owner | Full access to Azure SignalR Service REST APIs | 2021-09-13 16:35:21
change DisplayName, Description, DataActions |
| 6ae96244-5829-4925-a7d3-5975537d91dd | Azure VM Managed identities restore Contributor | Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system | 2021-09-13 16:35:21
add Role |
| 494ae006-db33-4328-bf46-533a6560a3ca | Site Recovery Operator | Lets you failover and failback but not perform other Site Recovery management operations | 2021-09-10 15:51:14
change Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | 2021-09-08 15:40:07
change Actions |
| a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b | Azure Spring Cloud Config Server Contributor | Allow read, write and delete access to Azure Spring Cloud Config Server | 2021-09-06 17:54:17
add Role |
| 6670b86e-a3f7-4917-ac9b-5d6ab1be4567 | Site Recovery Contributor | Lets you manage Site Recovery service except vault creation and role assignment | 2021-09-02 16:18:17
change Actions |
| dbaa88c4-0c30-4179-9fb3-46319faa6149 | Site Recovery Reader | Lets you view Site Recovery status but not perform other management operations | 2021-09-02 16:18:17
change Actions |
| f353d9bd-d4a6-484e-a77a-8050b599b867 | Automation Contributor | Manage azure automation resources and other resources using azure automation. | 2021-09-01 15:00:06
change Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | 2021-09-01 15:00:06
change Actions |
| d04c6db6-4947-4782-9e91-30a88feb7be7 | Azure Spring Cloud Config Server Reader | Allow read access to Azure Spring Cloud Config Server | 2021-08-26 16:23:33
add Role |
| cff1b556-2399-4e7e-856d-a8f754be7b65 | Azure Spring Cloud Service Registry Reader | Allow read access to Azure Spring Cloud Service Registry | 2021-08-20 15:48:24
add Role |
| f5880b48-c26d-48be-b172-7927bfa1c8f1 | Azure Spring Cloud Service Registry Contributor | Allow read, write and delete access to Azure Spring Cloud Service Registry | 2021-08-20 15:48:24
add Role |
| 9980e02c-c2be-4d73-94e8-173b1dc7cf3c | Virtual Machine Contributor | Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to. | 2021-08-19 16:32:19
change Actions |
| 2837e146-70d7-4cfd-ad55-7efa6464f958 | CodeSigning Certificate Profile Signer | Sign files with a certificate profile. This role is in preview and subject to change. | 2021-08-17 16:31:35
add Role |
| 60921a7e-fef1-4a43-9b16-a26c52ad4769 | Grafana Viewer | Built-in Grafana Viewer role | 2021-08-13 17:07:50
add Role |
| a79a5197-3a5c-4973-a920-486035ffd60f | Grafana Editor | Built-in Grafana Editor role | 2021-08-13 17:07:50
add Role |
| 22926164-76b3-42b3-bc55-97df8dab3e41 | Grafana Admin | Built-in Grafana admin role | 2021-08-13 17:07:50
add Role |
| 39bc4728-0917-49c7-9d2c-d95423bc2eb4 | Security Reader | Security Reader Role | 2021-08-12 19:47:01
change Actions |
| fb1c8493-542b-48eb-b624-b4c8fea62acd | Security Admin | Security Admin Role | 2021-08-12 19:47:01
change NotActions |
| 85cb6faf-e071-4c9b-8136-154b5a04f717 | Kubernetes Extension Contributor | Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations | 2021-08-11 15:29:45
add Role |
| 10745317-c249-44a1-a5ce-3a4353c0bbd8 | Device Provisioning Service Data Reader | Allows for full read access to Device Provisioning Service data-plane properties. | 2021-08-09 22:29:09
add Role |
| dfce44e4-17b7-4bd1-a6d1-04996ec95633 | Device Provisioning Service Data Contributor | Allows for full access to Device Provisioning Service data-plane operations. | 2021-08-09 22:29:09
add Role |
| f353d9bd-d4a6-484e-a77a-8050b599b867 | Automation Contributor | Manage azure automation resources and other resources using azure automation. | 2021-08-09 19:32:28
add Role |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | 2021-08-06 15:06:08
change Actions |
| 92aaf0da-9dab-42b6-94a3-d43ce8d16293 | Log Analytics Contributor | Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources. | 2021-08-06 15:06:08
change Description, Actions |
| 15e0f5a1-3450-4248-8e25-e2afe88a9e85 | Test Base Reader | Let you view and download packages and test results. | 2021-08-06 15:06:08
change Actions |
| 8d289c81-5878-46d4-8554-54e1e3d8b5cb | Azure Sentinel Reader | Azure Sentinel Reader | 2021-08-05 14:48:34
change Actions |
| ab8e14d6-4a74-4a29-9ba8-549422addade | Azure Sentinel Contributor | Azure Sentinel Contributor | 2021-08-05 14:48:34
change Actions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | 2021-08-05 14:48:34
change Actions |
| 25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68 | Cognitive Services Contributor | Lets you create, read, update, delete and manage keys of Cognitive Services. | 2021-08-03 20:37:08
change Actions |
| fb879df8-f326-4884-b1cf-06f3ad86be52 | Virtual Machine User Login | View Virtual Machines in the portal and login as a regular user. | 2021-08-02 15:58:24
change Actions, DataActions |
| 1c0163c0-47e6-4577-8991-ea5c82e286e4 | Virtual Machine Administrator Login | View Virtual Machines in the portal and login as administrator | 2021-08-02 15:58:24
change Actions, DataActions |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner | Full access to Azure SignalR Service REST APIs | 2021-07-29 15:40:44
change DisplayName, DataActions |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice. | 2021-07-29 15:40:44
change Description, DataActions |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models. | 2021-07-29 15:40:44
change Description, DataActions, NotDataActions |
| 26e0b698-aa6d-4085-9386-aadae190014d | Azure Relay Listener | Allows for listen access to Azure Relay resources. | 2021-07-21 16:02:28
add Role |
| 2787bf04-f1f5-4bfe-8383-c8a24483ee38 | Azure Relay Owner | Allows for full access to Azure Relay resources. | 2021-07-20 17:09:18
add Role |
| 26baccc8-eea7-41f1-98f4-1762cc7f685d | Azure Relay Sender | Allows for send access to Azure Relay resources. | 2021-07-20 17:09:18
add Role |
| e8113dce-c529-4d33-91fa-e9b972617508 | Azure Connected SQL Server Onboarding | Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS. | 2021-07-19 14:20:08
add Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | 2021-07-19 14:20:08
change NotDataActions |
| 3db33094-8700-4567-8da5-1501d4e7e843 | FHIR Data Exporter | Role allows user or principal to read and export FHIR Data | 2021-07-19 14:20:08
change DataActions |
| f6c7c914-8db3-469d-8ca1-694a8f32e121 | AzureML Data Scientist | Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself. | 2021-07-15 16:24:54
add Role |
| 39bc4728-0917-49c7-9d2c-d95423bc2eb4 | Security Reader | Security Reader Role | 2021-07-12 16:24:45
change Actions |
| 60fc6e62-5479-42d4-8bf4-67625fcc2840 | Disk Pool Operator | Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool. | 2021-07-12 16:24:45
remove Role |
| 3f88fce4-5892-4214-ae73-ba5294559913 | FHIR Data Writer | Role allows user or principal to read and write FHIR Data | 2021-07-09 14:39:01
change DataActions, NotDataActions |
| 5a1fc7df-4bf1-4951-a576-89034ee01acd | FHIR Data Contributor | Role allows user or principal full access to FHIR Data | 2021-07-09 14:39:01
change DataActions |
| 4c8d0bbc-75d3-4935-991f-5f3c56d81508 | FHIR Data Reader | Role allows user or principal to read FHIR Data | 2021-07-09 14:39:01
change DataActions |
| a1705bd2-3a8f-45a5-8683-466fcfd5cc24 | FHIR Data Converter | Role allows user or principal to convert data from legacy format to FHIR | 2021-07-09 14:39:01
change DataActions |
| 60fc6e62-5479-42d4-8bf4-67625fcc2840 | Disk Pool Operator | Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool. | 2021-07-09 14:39:01
add Role |
| fb1c8493-542b-48eb-b624-b4c8fea62acd | Security Admin | Security Admin Role | 2021-07-08 14:19:50
change Actions |
| c8d4ff99-41c3-41a8-9f60-21dfdad59608 | AcrQuarantineWriter | acr quarantine data writer | 2021-07-07 15:26:33
change DataActions |
| d5a91429-5739-47e2-a06b-3470a27159e7 | EventGrid Data Sender | Allows send access to event grid events. | 2021-07-05 14:23:05
add Role |
| cdda3590-29a3-44f6-95f2-9f980659eb04 | AcrQuarantineReader | acr quarantine data reader | 2021-06-24 14:29:36
change DataActions |
| 6cef56e8-d556-48e5-a04f-b8e64114680f | AcrImageSigner | acr image signer | 2021-06-24 14:29:36
change DataActions |
| 58a3b984-7adf-4c20-983a-32417c86fbc8 | DICOM Data Owner | Full access to DICOM data. | 2021-06-18 14:19:53
add Role |
| e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a | DICOM Data Reader | Read and search DICOM data. | 2021-06-18 14:19:53
add Role |
| 0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3 | Storage Table Data Contributor | Allows for read, write and delete access to Azure Storage tables and entities | 2021-06-15 14:06:27
add Role |
| 76199698-9eea-4c19-bc75-cec21354c6b6 | Storage Table Data Reader | Allows for read access to Azure Storage tables and entities | 2021-06-15 14:06:27
add Role |
| 5e467623-bb1f-42f4-a55d-6e525e11384b | Backup Contributor | Lets you manage backup service,but can't create vaults and give access to others | 2021-06-14 13:58:52
change Actions |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | 2021-06-14 13:58:52
change Actions |
| a795c7a0-d4a2-40c1-ae25-d81f01202912 | Backup Reader | Can view backup services, but can't make changes | 2021-06-10 15:19:34
change Actions |
| 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec | SQL DB Contributor | Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers. | 2021-06-10 15:19:34
change NotActions |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | 2021-06-09 16:50:31
change Actions |
| 1407120a-92aa-4202-b7e9-c0e197c71c8f | Search Index Data Reader | Grants read access to Azure Cognitive Search index data. | 2021-06-02 22:45:24
add Role |
| 8ebe5a00-799e-43f5-93ac-243d3dce84a7 | Search Index Data Contributor | Grants full access to Azure Cognitive Search index data. | 2021-06-02 22:45:24
add Role |
| a795c7a0-d4a2-40c1-ae25-d81f01202912 | Backup Reader | Can view backup services, but can't make changes | 2021-05-25 14:52:54
change Actions |
| a37b566d-3efa-4beb-a2f2-698963fa42ce | Security Detonation Chamber Submission Manager | Allowed to create and manage submissions to Security Detonation Chamber | 2021-05-24 17:13:01
change DataActions |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | 2021-05-24 17:13:01
change DataActions |
| 15e0f5a1-3450-4248-8e25-e2afe88a9e85 | Test Base Reader | Let you view and download packages and test results. | 2021-05-12 14:41:18
add Role |
| c4bba371-dacd-4a26-b320-7250bca963ae | Media Services Policy Administrator | Create, read, modify, and delete Account Filters, Streaming Policies, Content Key Policies and Transforms; read-only access to other Media Services resources. Cannot create Jobs, Assets or Streaming resources. | 2021-05-07 14:29:30
add Role |
| e4395492-1534-4db2-bedf-88c14621589c | Media Services Media Operator | Create, read, modify, and delete of Assets, Asset Filters, Streaming Locators and Jobs; read-only access to other Media Services resources. | 2021-05-07 14:29:30
add Role |
| 532bc159-b25e-42c0-969e-a1d439f60d77 | Media Services Live Events Administrator | Create, read and modify Live Events, Assets, Asset Filters and Streaming Locators; read-only access to other Media Services resources. | 2021-05-07 14:29:30
add Role |
| 99dba123-b5fe-44d5-874c-ced7199a5804 | Media Services Streaming Endpoints Administrator | Create, read, modify and delete Streaming Endpoints; read-only access to other Media Services resources. | 2021-05-07 14:29:30
add Role |
| 054126f8-9a2b-4f1c-a9ad-eca461f08466 | Media Services Account Administrator | Create, read, modify and delete Media Services accounts; read-only access to other Media Services resources. | 2021-05-03 14:09:38
add Role |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | 2021-04-29 16:55:26
change Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | 2021-04-27 15:39:18
add Role |
| 7a6f0e70-c033-4fb1-828c-08514e5f4102 | Collaborative Runtime Operator | Can manage resources created by AICS at runtime | 2021-04-26 14:08:50
change Actions |
| 4fc6c259-987e-4a07-842e-c321cc9d413f | Azure Iot?Hubs?Data?Contributor | Allows for full access to Azure IoT Hubs data plane operations. | 2021-04-23 13:42:10
add Role |
| 4ea46cd5-c1b2-4a8e-910b-273211f9ce47 | Azure Iot Hubs Registry Contributor | Allows for full access to Azure IoT Hubs device registry. | 2021-04-23 13:42:10
add Role |
| b447c946-2db7-41ec-983d-d8bf3b1c77e3 | Azure Iot Hubs Data Reader | Allows for full read access to Azure Iot Hubs data-plane properties | 2021-04-23 13:42:10
add Role |
| 494bdba2-168f-4f31-a0a1-191d2f7c028c | Azure Iot?Hubs?Twin?Contributor | Allows for read and write access to all Azure IoT Hubs device and module twins. | 2021-04-23 13:42:10
add Role |
| a2138dac-4907-4679-a376-736901ed8ad8 | AnyBuild Builder | Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities. | 2021-04-21 13:28:47
add Role |
| 9894cab4-e18a-44aa-828b-cb588cd6f2d7 | Cognitive Services Face Recognizer | Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices. | 2021-03-31 14:35:06
add Role |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | This is a role that can create, read, change and delete batch transcriptions, do real time transcriptions and list or get other speech resources. | 2021-03-30 13:51:32
add Role |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | This is a role that can read, write and delete all speech resources. | 2021-03-30 13:51:32
add Role |
| b5537268-8956-4941-a8f0-646150406f0c | Azure Spring Cloud Data Reader | Allow read access to Azure Spring Cloud Data | 2021-03-25 15:40:30
add Role |
| bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf | Web PubSub Service Reader (Preview) | Read-only access to Azure Web PubSub Service REST APIs | 2021-03-24 14:32:47
add Role |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | 2021-03-24 14:32:47
change Actions |
| 12cf5a90-567b-43ae-8102-96cf46c7d9b4 | Web PubSub Service Owner (Preview) | Full access to Azure Web PubSub Service REST APIs | 2021-03-24 14:32:47
add Role |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | 2021-03-24 14:32:47
change DataActions |
| b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 | Azure Connected Machine Onboarding | Can onboard Azure Connected Machines. | 2021-03-24 14:32:47
change Actions |
| daa9e50b-21df-454c-94a6-a8050adab352 | Collaborative Data Contributor | Can manage data packages of a collaborative. | 2021-03-17 17:26:57
change Actions |
| d17ce0a2-0697-43bc-aac5-9113337ab61c | WorkloadBuilder Migration Agent Role | WorkloadBuilder Migration Agent Role. | 2021-03-12 15:32:19
add Role |
| 466ccd10-b268-4a11-b098-b4849f024126 | Cognitive Services QnA Maker Reader | Let's you read and test a KB only. | 2021-03-11 15:16:45
change DataActions |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | Cognitive Services QnA Maker Editor | Let's you create, edit, import and export a KB. You cannot publish or delete a KB. | 2021-03-11 15:16:45
change DataActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | 2021-03-09 14:37:39
change Actions |
| 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 | SQL Server Contributor | Lets you manage SQL servers and databases, but not access to them, and not their security -related policies. | 2021-03-09 14:37:39
change NotActions |
| 352470b3-6a9c-4686-b503-35deb827e500 | Security Detonation Chamber Publisher | Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber | 2021-03-08 14:55:25
change DataActions |
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | 2021-03-08 14:55:25
change DataActions |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Experimentation Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | 2021-03-08 14:55:25
change DisplayName, Actions, DataActions |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | 2021-03-08 14:55:25
change Actions |
| 4a167cdf-cb95-4554-9203-2347fe489bd9 | Object Anchors Account Reader | Lets you read ingestion jobs for an object anchors account. | 2021-03-02 15:11:43
add Role |
| ca0835dd-bacc-42dd-8ed2-ed5e7230d15b | Object Anchors Account Owner | Provides user with ingestion capabilities for an object anchors account. | 2021-03-02 15:11:43
add Role |
| 28241645-39f8-410b-ad48-87863e2951d5 | Security Detonation Chamber Reader | Allowed to query submission info and files from Security Detonation Chamber | 2021-03-01 15:42:30
add Role |
| 230815da-be43-4aae-9cb4-875f7bd000aa | Cosmos DB Operator | Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings. | 2021-02-26 14:41:31
change NotActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | 2021-02-15 15:24:20
change Actions |
| 1e241071-0855-49ea-94dc-649edcd759de | EventGrid Contributor | Lets you manage EventGrid operations. | 2021-02-11 14:23:07
change Actions |
| d63b75f7-47ea-4f27-92ac-e0d173aaf093 | Autonomous Development Platform Data Reader (Preview) | Grants read access to Autonomous Development Platform data. | 2021-02-09 14:46:34
change DataActions |
| 27f8b550-c507-4db9-86f2-f4b8e816d59d | Autonomous Development Platform Data Owner (Preview) | Grants full access to Autonomous Development Platform data. | 2021-02-09 14:46:34
change DataActions |
| 1e241071-0855-49ea-94dc-649edcd759de | EventGrid Contributor | Lets you manage EventGrid operations. | 2021-02-09 14:46:34
add Role |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | 2021-02-09 14:46:34
change DataActions |
| 7a6f0e70-c033-4fb1-828c-08514e5f4102 | Collaborative Runtime Operator | Can manage resources created by AICS at runtime | 2021-02-08 14:18:19
change Actions |
| 0e5f05e5-9ab9-446b-b98d-1e2157c94125 | Quota Request Operator Role | Role to read and create Quota Requests and get Quota Request Status. | 2021-02-05 15:19:18
change Actions |
| ba92f5b4-2d11-453d-a403-e96b0029c9fe | Storage Blob Data Contributor | Allows for read, write and delete access to Azure Storage blob containers and data | 2021-02-04 14:17:50
change DataActions |
| 0e5f05e5-9ab9-446b-b98d-1e2157c94125 | Quota Request Operator Role | Role to read and create Quota Requests and get Quota Request Status. | 2021-02-03 15:09:04
add Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | 2021-02-03 15:09:04
change DataActions |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | 2021-01-29 15:07:15
change DataActions |
| f4c81013-99ee-4d62-a7ee-b3f1f648599a | Azure Sentinel Automation Contributor | Azure Sentinel Automation Contributor | 2021-01-26 16:07:29
change Actions |
| 974c5e8b-45b9-4653-ba55-5f855dd0fb88 | Storage Queue Data Contributor | Allows for read, write, and delete access to Azure Storage queues and queue messages | 2021-01-25 16:07:06
change DataActions |
| 352470b3-6a9c-4686-b503-35deb827e500 | Security Detonation Chamber Publisher | Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber | 2021-01-25 16:07:06
change DataActions |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | 2021-01-25 16:07:06
change DataActions |
| f4c81013-99ee-4d62-a7ee-b3f1f648599a | Azure Sentinel Automation Contributor | Azure Sentinel Automation Contributor | 2021-01-25 16:07:06
add Role |
| a1705bd2-3a8f-45a5-8683-466fcfd5cc24 | FHIR Data Converter | Role allows user or principal to convert data from legacy format to FHIR | 2021-01-25 16:07:06
add Role |
| a37b566d-3efa-4beb-a2f2-698963fa42ce | Security Detonation Chamber Submission Manager | Allowed to create and manage submissions to Security Detonation Chamber | 2021-01-25 16:07:06
change DataActions |
| 5432c526-bc82-444a-b7ba-57c5b0b5b34f | CosmosRestoreOperator | Can perform restore action for Cosmos DB database account | 2021-01-22 09:15:20
add Role |
| ae349356-3a1b-4a5e-921d-050484c6347e | Application Insights Component Contributor | Can manage Application Insights components | 2021-01-20 16:06:17
change Actions |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | 2021-01-19 16:07:23
change Actions |
| 7a6f0e70-c033-4fb1-828c-08514e5f4102 | Collaborative Runtime Operator | Can manage resources created by AICS at runtime | 2021-01-19 16:07:23
add Role |
| a37b566d-3efa-4beb-a2f2-698963fa42ce | Security Detonation Chamber Submission Manager | Allowed to create and manage submissions to Security Detonation Chamber | 2021-01-18 16:05:49
add Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | 2021-01-18 16:05:49
change Actions |
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | 2021-01-18 16:05:49
change Actions |
| 352470b3-6a9c-4686-b503-35deb827e500 | Security Detonation Chamber Publisher | Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber | 2021-01-18 16:05:49
add Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Reader | Experimentation Reader | 2021-01-12 16:06:58
change Actions |
| 5548b2cf-c94c-4228-90ba-30851930a12f | Microsoft.Kubernetes connected cluster role | Microsoft.Kubernetes connected cluster role. | 2021-01-08 16:05:47
add Role |
| 7efff54f-a5b4-42b5-a1c5-5411624893ce | Disk Snapshot Contributor | Provides permission to backup vault to manage disk snapshots. | 2021-01-06 16:06:44
change Actions |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | 2021-01-05 16:06:49
change Description, DataActions, NotDataActions |
| 39bc4728-0917-49c7-9d2c-d95423bc2eb4 | Security Reader | Security Reader Role | 2021-01-04 16:05:39
change Actions |
| e147488a-f6f5-4113-8e2d-b22465e65bf6 | Key Vault Crypto Service Encryption User (preview) | Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model. | 2020-12-18 16:05:51
change DisplayName, Actions |
| b50d9833-a0cb-478e-945f-707fcc997c13 | Disk Restore Operator | Provides permission to backup vault to perform disk restore. | 2020-12-18 16:05:51
change Actions |
| 3e5e47e6-65f7-47ef-90b5-e5dd4d455f24 | Disk Backup Reader | Provides permission to backup vault to perform disk backup. | 2020-12-18 16:05:51
change Actions |
| 7efff54f-a5b4-42b5-a1c5-5411624893ce | Disk Snapshot Contributor | Provides permission to backup vault to manage disk snapshots. | 2020-12-18 16:05:51
change Actions |
| 7efff54f-a5b4-42b5-a1c5-5411624893ce | Disk Snapshot Contributor | Provides permission to backup vault to manage disk snapshots. | 2020-12-15 16:36:19
add Role |
| b50d9833-a0cb-478e-945f-707fcc997c13 | Disk Restore Operator | Provides permission to backup vault to perform disk restore. | 2020-12-15 16:36:19
add Role |
| 27f8b550-c507-4db9-86f2-f4b8e816d59d | Autonomous Development Platform Data Owner (Preview) | Grants full access to Autonomous Development Platform data. | 2020-12-15 16:36:19
add Role |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to manage Autonomous Development Platform data entities, but does not allow accessing the underlying data. Note that entity deletion is not permitted by this role. | 2020-12-15 16:36:19
add Role |
| d63b75f7-47ea-4f27-92ac-e0d173aaf093 | Autonomous Development Platform Data Reader (Preview) | Grants read access to Autonomous Development Platform data. | 2020-12-15 16:36:19
add Role |
| 3e5e47e6-65f7-47ef-90b5-e5dd4d455f24 | Disk Backup Reader | Provides permission to backup vault to perform disk backup. | 2020-12-15 16:36:19
add Role |
| 0fa44ee9-7a7d-466b-9bb2-2bf446b1204d | Desktop Virtualization Workspace Reader | Reader of the Desktop Virtualization Workspace. | 2020-12-14 15:13:28
add Role |
| c7aa55d3-1abb-444a-a5ca-5e51e485d6ec | Integration Service Environment Developer | Allows developers to create and update workflows, integration accounts and API connections in integration service environments. | 2020-12-14 15:13:28
change Actions |
| 21efdde3-836f-432b-bf3d-3e8e734d4b2b | Desktop Virtualization Workspace Contributor | Contributor of the Desktop Virtualization Workspace. | 2020-12-14 15:13:28
add Role |
| aebf23d0-b568-4e86-b8f9-fe83a2c6ab55 | Desktop Virtualization Application Group Reader | Reader of the Desktop Virtualization Application Group. | 2020-12-14 15:13:28
add Role |
| 86240b0e-9422-4c43-887b-b61143f32ba8 | Desktop Virtualization Application Group Contributor | Contributor of the Desktop Virtualization Application Group. | 2020-12-14 15:13:28
add Role |
| 2ad6aaab-ead9-4eaa-8ac5-da422f562408 | Desktop Virtualization Session Host Operator | Operator of the Desktop Virtualization Session Host. | 2020-12-14 15:13:28
add Role |
| ceadfde2-b300-400a-ab7b-6143895aa822 | Desktop Virtualization Host Pool Reader | Reader of the Desktop Virtualization Host Pool. | 2020-12-14 15:13:28
add Role |
| 082f0a83-3be5-4ba1-904c-961cca79b387 | Desktop Virtualization Contributor | Contributor of Desktop Virtualization. | 2020-12-14 15:13:28
add Role |
| 49a72310-ab8d-41df-bbb0-79b649203868 | Desktop Virtualization Reader | Reader of Desktop Virtualization. | 2020-12-14 15:13:28
add Role |
| ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6 | Desktop Virtualization User Session Operator | Operator of the Desktop Virtualization Uesr Session. | 2020-12-14 15:13:28
add Role |
| e307426c-f9b6-4e81-87de-d99efb3c32bc | Desktop Virtualization Host Pool Contributor | Contributor of the Desktop Virtualization Host Pool. | 2020-12-14 15:13:28
add Role |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | 2020-12-10 15:11:36
change Actions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | 2020-12-08 15:44:03
change Actions |
| 72fafb9e-0641-4937-9268-a91bfd8191a3 | Cost Management Reader | Can view cost data and configuration (e.g. budgets, exports) | 2020-12-08 15:44:03
change Actions |
| 434105ed-43f6-45c7-a02f-909b2ba83430 | Cost Management Contributor | Can view costs and manage cost configuration (e.g. budgets, exports) | 2020-12-08 15:44:03
change Actions |
| ca6382a4-1721-4bcf-a114-ff0c70227b6b | Application Group Contributor | Contributor of the Application Group. | 2020-12-07 15:13:35
change Actions |
| ca6382a4-1721-4bcf-a114-ff0c70227b6b | Application Group Contributor | Contributor of the Application Group. | 2020-12-04 15:12:58
add Role |
| dd920d6d-f481-47f1-b461-f338c46b2d9f | Marketplace Admin | Administrator of marketplace resource provider | 2020-11-28 17:50:16
remove Role |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | 2020-11-24 15:34:53
change DataActions |
| 9ef4ef9c-a049-46b0-82ab-dd8ac094c889 | Project Babylon Data Curator | The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change. | 2020-11-23 14:37:57
change DisplayName, Description, Actions |
| c8d896ba-346d-4f50-bc1d-7d1c84130446 | Project Babylon Data Reader | The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change. | 2020-11-23 14:37:57
change DisplayName, Description, Actions |
| 05b7651b-dc44-475e-b74d-df3db49fae0f | Project Babylon Data Source Administrator | The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change. | 2020-11-23 14:37:57
change DisplayName, Description, Actions |
| 200bba9e-f0c8-430f-892b-6f0794863803 | Purview Data Source Administrator Role Preview | The Microsoft.Purview data source administrator can manage data sources and data scans | 2020-11-19 14:28:56
change Actions |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor Role | Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account. | 2020-11-19 14:28:56
change Actions |
| 8a3c2885-9b38-4fd2-9d99-91af537c1347 | Purview Data Curator Role Preview | The Microsoft.Purview data curator can create, read, modify and delete catalog data objects and establish relationships between objects | 2020-11-19 14:28:56
change Actions |
| ff100721-1b9d-43d8-af52-42b69c1272db | Purview Data Reader Role Preview | The Microsoft.Purview data reader can read catalog data objects | 2020-11-19 14:28:56
change Actions |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | 2020-11-18 18:53:03
remove Role |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | 2020-11-18 18:53:03
change Actions |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | 2020-11-18 18:53:03
change DisplayName, DataActions |
| 200bba9e-f0c8-430f-892b-6f0794863803 | Purview Data Source Administrator Role Preview | The Microsoft.Purview data source administrator can manage data sources and data scans | 2020-11-16 13:39:23
add Role |
| 9ef4ef9c-a049-46b0-82ab-dd8ac094c889 | Project Babylon Data Curator Role Preview | The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects | 2020-11-16 13:39:23
add Role |
| 05b7651b-dc44-475e-b74d-df3db49fae0f | Project Babylon Data Source Administrator Role Preview | The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans | 2020-11-16 13:39:23
add Role |
| 8a3c2885-9b38-4fd2-9d99-91af537c1347 | Purview Data Curator Role Preview | The Microsoft.Purview data curator can create, read, modify and delete catalog data objects and establish relationships between objects | 2020-11-16 13:39:23
add Role |
| ff100721-1b9d-43d8-af52-42b69c1272db | Purview Data Reader Role Preview | The Microsoft.Purview data reader can read catalog data objects | 2020-11-16 13:39:23
add Role |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor Role | Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account. | 2020-11-16 13:39:23
change Actions |
| c8d896ba-346d-4f50-bc1d-7d1c84130446 | Project Babylon Data Reader Role Preview | The Microsoft.ProjectBabylon data reader can read catalog data objects | 2020-11-16 13:39:23
add Role |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor Role | Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account. | 2020-11-13 14:22:44
add Role |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor Service Role | Allows for creation, writes and reads to the metric set via the metrics service APIs. | 2020-11-12 14:32:48
add Role |
| b24988ac-6180-42a0-ab88-20f7382dd24c | Contributor | Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC. | 2020-11-11 15:02:47
change NotActions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | 2020-11-09 14:42:02
change NotActions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | 2020-11-04 15:39:11
change Actions |
| ab8e14d6-4a74-4a29-9ba8-549422addade | Azure Sentinel Contributor | Azure Sentinel Contributor | 2020-11-04 15:39:11
change Actions |
| 8d289c81-5878-46d4-8554-54e1e3d8b5cb | Azure Sentinel Reader | Azure Sentinel Reader | 2020-11-04 15:39:11
change Actions |
| dffb1e0c-446f-4dde-a09f-99eb5cc68b96 | Azure Arc Kubernetes Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | 2020-11-03 14:38:31
change DataActions, NotDataActions |
| 5b999177-9696-4545-85c7-50de3797e5a1 | Azure Arc Kubernetes Writer | Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings. | 2020-11-03 14:38:31
change DataActions, NotDataActions |
| 63f0a09d-1495-4db4-a681-037d84835eb4 | Azure Arc Kubernetes Viewer | Lets you view all resources in cluster/namespace, except secrets. | 2020-11-03 14:38:31
change DataActions, NotDataActions |
| 635dd51f-9968-44d3-b7fb-6d9a6bd613ae | AzureML Metrics Writer (preview) | Lets you write metrics to AzureML workspace | 2020-10-29 15:20:50
add Role |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | 2020-10-28 15:04:35
change Actions |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | 2020-10-27 14:13:08
change NotDataActions |
| f7b75c60-3036-4b75-91c3-6b41c27c1689 | Reservation Purchaser | Lets you purchase reservations | 2020-10-26 14:19:04
add Role |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | 2020-10-23 13:31:33
change DataActions |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | 2020-10-23 13:31:33
change Description, Actions, DataActions, NotDataActions |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server (Preview) | Lets your app server access SignalR Service with AAD auth options. | 2020-10-23 13:31:33
change DataActions |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. | 2020-10-23 13:31:33
change Description, Actions, DataActions, NotDataActions |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR Serverless Contributor (Preview) | Lets your app access service in serverless mode with AAD auth options. | 2020-10-23 13:31:33
change Description, DataActions |
| 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 | SQL Server Contributor | Lets you manage SQL servers and databases, but not access to them, and not their security -related policies. | 2020-10-20 13:29:34
change NotActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | 2020-10-20 13:29:34
change Actions |
| 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec | SQL DB Contributor | Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers. | 2020-10-20 13:29:34
change NotActions |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | 2020-10-20 13:29:34
add Role |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | 2020-10-19 15:27:07
add Role |
| ddde6b66-c0df-4114-a159-3618637b3035 | SignalR Service Reader (Preview) | Read-only access to Azure SignalR Service REST APIs | 2020-10-13 13:23:37
add Role |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | 2020-10-13 13:23:37
add Role |
| 82200a5b-e217-47a5-b665-6d8765ee745b | Services Hub Operator | Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors. | 2020-10-07 08:52:18
change Actions |
| 4fe6d683-8411-4247-8525-b6b5b8a80669 | Microsoft.ScVmm service role | Microsoft.ScVmm service role. | 2020-09-23 13:42:44
remove Role |
| 18500a29-7fe2-46b2-a342-b16a415e101d | Managed HSM contributor | Lets you manage managed HSM pools, but not access to them. | 2020-09-17 14:31:34
add Role |
| f8da80de-1ff9-4747-ad80-a19b7f6079e3 | AgFood Platform Service Admin | Provides admin access to AgFood Platform Service | 2020-09-14 13:55:19
add Role |
| 7ec7ccdc-f61e-41fe-9aaf-980df0a44eba | AgFood Platform Service Reader | Provides read access to AgFood Platform Service | 2020-09-14 13:55:19
add Role |
| 4fe6d683-8411-4247-8525-b6b5b8a80669 | Microsoft.ScVmm service role | Microsoft.ScVmm service role. | 2020-09-14 13:55:19
add Role |
| 5dffeca3-4936-4216-b2bc-10343a5abb25 | Schema Registry Contributor (Preview) | Read, write, and delete Schema Registry groups and schemas. | 2020-09-14 13:55:19
add Role |
| 2c56ea50-c6b3-40a6-83c0-9d98858bc7d2 | Schema Registry Reader (Preview) | Read and list Schema Registry groups and schemas. | 2020-09-14 13:55:19
add Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | 2020-09-14 13:55:19
add Role |
| cb43c632-a144-4ec5-977c-e80c4affc34a | Cognitive Services Metrics Advisor Administrator | Full access to the project, including the system level configuration. | 2020-09-10 14:55:48
add Role |
| 3b20f47b-3825-43cb-8114-4bd2201156a8 | Cognitive Services Metrics Advisor User | Access to the project. | 2020-09-10 14:55:48
add Role |
| 49e2f5d2-7741-4835-8efa-19e1fe35e47f | Device Update Deployments Reader | Gives you read access to management operations, but does not allow making changes | 2020-08-23 16:02:03
add Role |
| 02ca0879-e8e4-47a5-a61e-5c618b76e64a | Device Update Administrator | Gives you full access to management and content operations | 2020-08-23 16:02:03
add Role |
| 0378884a-3af5-44ab-8323-f5b22f9f3c98 | Device Update Content Administrator | Gives you full access to content operations | 2020-08-23 16:02:03
add Role |
| e4237640-0e3d-4a46-8fda-70bc94856432 | Device Update Deployments Administrator | Gives you full access to management operations | 2020-08-23 16:02:03
add Role |
| e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f | Device Update Reader | Gives you read access to management and content operations, but does not allow making changes | 2020-08-23 16:02:03
add Role |
| d1ee9a80-8b14-47f0-bdc2-f4a351625a7b | Device Update Content Reader | Gives you read access to content operations, but does not allow making changes | 2020-08-23 16:02:03
add Role |
| daa9e50b-21df-454c-94a6-a8050adab352 | Collaborative Data Contributor | Can manage data packages of a collaborative. | 2020-08-14 14:27:30
add Role |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server (Preview) | Lets your app server access SignalR Service with AAD Auth options. | 2020-07-29 13:49:09
add Role |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR Serverless Contributor (Preview) | Lets your app access service in serverless mode. | 2020-07-29 13:49:09
add Role |
| 00493d72-78f6-4148-b6c5-d3ce8e4799dd | Azure Arc Enabled Kubernetes Cluster User Role | List cluster user credentials action. | 2020-07-29 13:49:09
add Role |
| d18777c0-1514-4662-8490-608db7d334b6 | Object Understanding Account Reader | Lets you read ingestion jobs for an object understanding account. | 2020-07-24 14:41:55
add Role |
| 82200a5b-e217-47a5-b665-6d8765ee745b | Services Hub Operator | Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors. | 2020-07-21 19:48:17
add Role |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Lets you view all resources in cluster/namespace, except secrets. | 2020-07-03 14:58:03
add Role |
| b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b | Azure Kubernetes Service RBAC Cluster Admin | Lets you manage all resources in the cluster. | 2020-07-03 14:58:03
add Role |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings. | 2020-07-03 14:58:03
add Role |
| 3498e952-d568-435e-9b2c-8d77e338d7f7 | Azure Kubernetes Service RBAC Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | 2020-07-03 14:58:03
add Role |
| 5b999177-9696-4545-85c7-50de3797e5a1 | Azure Arc Kubernetes Writer | Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings. | 2020-06-15 15:35:59
add Role |
| 63f0a09d-1495-4db4-a681-037d84835eb4 | Azure Arc Kubernetes Viewer | Lets you view all resources in cluster/namespace, except secrets. | 2020-06-15 15:35:59
add Role |
| dffb1e0c-446f-4dde-a09f-99eb5cc68b96 | Azure Arc Kubernetes Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | 2020-06-15 15:35:59
add Role |
| 8393591c-06b9-48a2-a542-1bd6b377f6a2 | Azure Arc Kubernetes Cluster Admin | Lets you manage all resources in the cluster. | 2020-06-15 15:35:59
add Role |
| e147488a-f6f5-4113-8e2d-b22465e65bf6 | Key Vault Crypto Service Encryption (preview) | Can read metadata of keys and perform wrap/unwrap operations. | 2020-05-21 16:07:05
add Role |
| 14b46e9e-c2b7-41b4-b07b-48a6ebf60603 | Key Vault Crypto Officer (preview) | Can perform any action on the keys of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 00482a5a-887f-4fb3-b363-3b7fe8e74483 | Key Vault Administrator (preview) | Can perform any action on certificates, keys and secrets of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 21090545-7ca7-4776-b22c-e363652d74d2 | Key Vault Reader (preview) | Can read metadata of key vaults and its certificates, keys and secrets. Cannot read sensitive values such as secret contents or key material. | 2020-05-19 20:42:36
add Role |
| 4633458b-17de-408a-b874-0445c86b69e6 | Key Vault Secrets User (preview) | Can read secret contents. | 2020-05-19 20:42:36
add Role |
| a4417e6f-fecd-4de8-b567-7b0420556985 | Key Vault Certificates Officer (preview) | Can perform any action on the certificates of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 12338af0-0e69-4776-bea7-57ae8d297424 | Key Vault Crypto User (preview) | Can perform cryptographic operations on keys and certificates. | 2020-05-19 20:42:36
add Role |
| b86a8fe4-44ce-4948-aee5-eccb2c155cd7 | Key Vault Secrets Officer (preview) | Can perform any action on the secrets of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 0a5ae4ab-0d65-4eeb-be61-29fc9b54394b | Cognitive Services Custom Vision Trainer | View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can't create or delete the project. | 2020-05-09 14:57:51
add Role |
| 5c4089e1-6d96-4d2f-b296-c1bc7137275f | Cognitive Services Custom Vision Deployment | Publish, unpublish or export models. Deployment can view the project but can't update. | 2020-05-09 14:57:51
add Role |
| c1ff6cc2-c111-46fe-8896-e0ef812ad9f3 | Cognitive Services Custom Vision Contributor | Full access to the project, including the ability to view, create, edit, or delete projects. | 2020-05-09 14:57:51
add Role |
| 93586559-c37d-4a6b-ba08-b9f0940c2d73 | Cognitive Services Custom Vision Reader | Read-only actions in the project. Readers can't create or update the project. | 2020-05-09 14:57:51
add Role |
| 88424f51-ebe7-446f-bc41-7fa16989e96c | Cognitive Services Custom Vision Labeler | View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can't update anything other than training images and tags. | 2020-05-09 14:57:51
add Role |
| 8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204 | Azure Maps Data Contributor | Grants access to read, write, and delete access to map related data from an Azure maps account. | 2020-05-08 05:22:07
add Role |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | Cognitive Services QnA Maker Editor | Let's you create, edit, import and export a KB. You cannot publish or delete a KB. | 2020-05-04 15:11:45
change DisplayName |
| 466ccd10-b268-4a11-b098-b4849f024126 | Cognitive Services QnA Maker Reader | Let's you read and test a KB only. | 2020-05-04 15:11:45
change DisplayName |
| 423170ca-a8f6-4b0f-8487-9e4eb8f49bfa | Azure Maps Data Reader | Grants access to read map related data from an Azure maps account. | 2020-04-29 16:42:26
change DisplayName |
| aefefa01-2a29-4197-83a8-2828f33ce315 | Tenant registration role | Service role used by RP's for tenant level registration | 2020-04-24 19:20:22
remove Role |
| 4dd61c23-6743-42fe-a388-d8bdd41cb745 | Object Understanding Account Owner | Provides user with ingestion capabilities for Azure Object Understanding. | 2020-04-23 15:06:19
add Role |
| 70ea1423-466c-4e7b-a2ee-f1206ef2072d | Experiment Contributor | Experiment Contributor | 2020-04-23 15:06:19
remove Role |
| ed4b1625-bac7-4b49-8578-127fc3440d25 | Experiment Administrator | Experiment Administrator | 2020-04-23 15:06:19
remove Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Reader | Experimentation Reader | 2020-04-23 15:06:19
change DisplayName |
| aefefa01-2a29-4197-83a8-2828f33ce315 | Tenant registration role | Service role used by RP's for tenant level registration | 2020-04-23 15:06:19
add Role |
| b879ac78-f1e6-448d-ab4c-5908cd5967c1 | VSOnline Virtual Network Service Role | This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network | 2020-03-28 01:22:25
remove Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experiment Operator | Experiment Operator | 2020-03-28 01:22:25
change DisplayName |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Operator | Experiment Operator | 2020-03-26 18:26:05
add Role |
| 70ea1423-466c-4e7b-a2ee-f1206ef2072d | Experiment Contributor | Experiment Contributor | 2020-03-26 18:26:05
add Role |
| ed4b1625-bac7-4b49-8578-127fc3440d25 | Experiment Administrator | Experiment Administrator | 2020-03-26 18:26:05
add Role |
| 4c8d0bbc-75d3-4935-991f-5f3c56d81508 | FHIR Data Reader | Role allows user or principal to read FHIR Data | 2020-03-18 07:39:13
add Role |
| 5a1fc7df-4bf1-4951-a576-89034ee01acd | FHIR Data Contributor | Role allows user or principal full access to FHIR Data | 2020-03-18 07:39:13
add Role |
| 3db33094-8700-4567-8da5-1501d4e7e843 | FHIR Data Exporter | Role allows user or principal to read FHIR Data | 2020-03-18 07:39:13
add Role |
| 3f88fce4-5892-4214-ae73-ba5294559913 | FHIR Data Writer | Role allows user or principal to read and write FHIR Data | 2020-03-18 07:39:13
add Role |
| 350f8d15-c687-4448-8ae1-157740a3936d | Hierarchy Settings Administrator | Allows users to edit and delete Hierarchy Settings | 2020-03-14 15:10:08
add Role |
| b879ac78-f1e6-448d-ab4c-5908cd5967c1 | VSOnline Virtual Network Service Role | This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network | 2020-03-14 15:10:08
add Role |
| d57506d4-4c8d-48b1-8587-93c323f6a5a3 | Azure Digital Twins Reader (Preview) | Read-only role for Digital Twins data-plane properties | 2020-03-11 05:47:56
add Role |
| bcd981a7-7f74-457b-83e1-cceb9e632ffe | Azure Digital Twins Owner (Preview) | Full access role for Digital Twins data-plane | 2020-03-11 05:47:56
add Role |
| ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8 | Azure Kubernetes Service Contributor Role | Grants access to read and write Azure Kubernetes Service clusters | 2020-02-28 09:58:27
add Role |
| dd920d6d-f481-47f1-b461-f338c46b2d9f | Marketplace Admin | Administrator of marketplace resource provider | 2020-02-27 09:26:20
add Role |
| a41e2c5b-bd99-4a07-88f4-9bf657a760b8 | Integration Service Environment Contributor | Lets you manage integration service environments, but not access to them. | 2020-02-21 00:11:51
add Role |
| c7aa55d3-1abb-444a-a5ca-5e51e485d6ec | Integration Service Environment Developer | Allows developers to create and update workflows, integration accounts and API connections in integration service environments. | 2020-02-21 00:11:51
add Role |
| 4a9ae827-6dc8-4573-8ac7-8239d42aa03f | Tag Contributor | Lets you manage tags on entities, without providing access to the entities themselves. | 2020-02-19 09:00:33
add Role |
| 612c2aa1-cb24-443b-ac28-3ab7272de6f5 | Security Assessment Contributor | Lets you push assessments to Security Center | 2020-02-13 13:58:05
add Role |
| 34e09817-6cbe-4d01-b1a2-e0eac5743d41 | Kubernetes Cluster - Azure Arc Onboarding | Role definition to authorize any user/service to create connectedClusters resource | 2020-02-11 08:11:18
change DisplayName |
| 641177b8-a67a-45b9-a033-47bc880bb21e | Managed Application Contributor Role | Allows for creating managed application resources. | 2020-02-08 03:50:49
add Role |
| 0b072326-6884-49b7-a53d-ae6aa62260ff | MLC Service Role | This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service. | 2020-01-30 21:07:35
remove Role |
| 3df8b902-2a6f-47c7-8cc5-360e9b272a7e | Remote Rendering Administrator | Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering | 2020-01-24 05:21:10
add Role |
| d39065c4-c120-43c9-ab0a-63eed9795f0a | Remote Rendering Client | Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering. | 2020-01-24 05:21:10
add Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | 2019-12-19 07:49:46
add Role |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | QnA Maker Editor | 2019-12-18 15:43:34
add Role |
|
| 466ccd10-b268-4a11-b098-b4849f024126 | QnA Maker Reader | 2019-12-18 15:43:34
add Role |
|
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | 2019-12-17 15:43:46
add Role |
| 34e09817-6cbe-4d01-b1a2-e0eac5743d41 | Kubernetes Cluster - Azure Arc Onborading | Role definition to authorize any user/service to create connectedClusters resource | 2019-12-13 11:23:49
change DisplayName |
| 0b072326-6884-49b7-a53d-ae6aa62260ff | MLC Service Role | This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service. | 2019-11-26 15:41:35
add Role |
| 36243c78-bf99-498c-9df9-86d9f8d28608 | Resource Policy Contributor | Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy. | 2019-11-20 21:32:41
change DisplayName |
| 516239f1-63e1-4d78-a4de-a74fb236a071 | App Configuration Data Reader | Allows read access to App Configuration data. | 2019-10-26 02:15:31
add Role |
| 5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b | App Configuration Data Owner | Allows full access to App Configuration data. | 2019-10-26 02:15:31
add Role |
| 7f646f1b-fa07-40eb-a22b-edd6ce5c915c | Altretya test Service Role | Altretya test | 2019-10-24 02:15:32
remove Role |
| b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 | Azure Connected Machine Onboarding | Can onboard Azure Connected Machines. | 2019-10-24 02:15:32
add Role |
| 91c1777a-f3dc-4fae-b103-61d183457e46 | Managed Services Registration assignment Delete Role | Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant. | 2019-10-24 02:15:32
add Role |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | 2019-10-24 02:15:32
add Role |
| 7f646f1b-fa07-40eb-a22b-edd6ce5c915c | Altretya test Service Role | Altretya test | 2019-10-07 13:33:12
add Role |