| Id | DisplayName | Description | Subject | Details (UTC ymd) (i) |
|---|---|---|---|---|
| bda0d508-adf1-4af0-9c28-88919fc3ae06 | Azure Stack HCI registration role | Custom Azure role to allow subscription-level access to register Azure Stack HCI | add | 2023-02-06 18:40:05
Role |
| 7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7 | Azure Center for SAP solutions administrator | This role provides read and write access to all capabilities of Azure Center for SAP solutions. | change | 2023-02-06 18:40:05
Actions, DataActions |
| 5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b | App Configuration Data Owner | Allows full access to App Configuration data. | change | 2023-02-06 18:40:05
DataActions |
| aabbc5dd-1af0-458b-a942-81af88f9c138 | Azure Center for SAP solutions service role | Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems. | change | 2023-02-03 18:39:00
Actions |
| 3f2eb865-5811-4578-b90a-6fc6fa0df8e5 | Azure Front Door Secret Contributor | Can manage Azure Front Door secrets, but can't grant access to other users. | add | 2023-02-03 18:39:00
Role |
| 0f99d363-226e-4dca-9920-b807cf8e1a5f | Azure Front Door Domain Reader | Can view Azure Front Door domains, but can't make changes. | add | 2023-02-03 18:39:00
Role |
| 05352d14-a920-4328-a0de-4cbe7430e26b | Azure Center for SAP solutions reader | This role provides read access to all capabilities of Azure Center for SAP solutions. | change | 2023-02-03 18:39:00
Actions |
| 0105a6b0-4bb9-43d2-982a-12806f9faddb | Azure Center for SAP solutions Service role for management | This role has permissions that the user assigned managed identity must have to enable registration for the existing systems. | add | 2023-02-03 18:39:00
Role |
| 6d949e1d-41e2-46e3-8920-c6e4f31a8310 | Azure Center for SAP solutions Management role | This role has permissions which allow users to register existing systems, view and manage systems. | add | 2023-02-03 18:39:00
Role |
| 0ab34830-df19-4f8c-b84e-aa85b8afa6e8 | Azure Front Door Domain Contributor | Can manage Azure Front Door domains, but can't grant access to other users. | add | 2023-02-03 18:39:00
Role |
| 0db238c4-885e-4c4f-a933-aa2cef684fca | Azure Front Door Secret Reader | Can view Azure Front Door secrets, but can't make changes. | add | 2023-02-03 18:39:00
Role |
| f0310ce6-e953-4cf8-b892-fb1c87eaf7f6 | Azure Usage Billing Data Sender | Azure Usage Billing shared BuiltIn role to be used for all Customer Account Authentication | add | 2023-01-30 18:40:55
Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | change | 2023-01-24 18:06:32
NotDataActions |
| ef29765d-0d37-4119-a4f8-f9f9902c9588 | Bayer Ag Powered Services Imagery Solution Service Role | Provide access to Imagery Solution by Bayer Ag Powered Services | add | 2023-01-19 18:07:47
Role |
| c4bc862a-3b64-4a35-a021-a380c159b042 | Bayer Ag Powered Services GDU Solution Service Role | Provide access to GDU Solution by Bayer Ag Powered Services | add | 2023-01-19 18:07:47
Role |
| 7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7 | Azure Center for SAP solutions administrator | This role provides read and write access to all capabilities of Azure Center for SAP solutions. | change | 2023-01-18 18:07:15
Actions |
| 05352d14-a920-4328-a0de-4cbe7430e26b | Azure Center for SAP solutions reader | This role provides read access to all capabilities of Azure Center for SAP solutions. | change | 2023-01-18 18:07:15
Actions |
| aabbc5dd-1af0-458b-a942-81af88f9c138 | Azure Center for SAP solutions service role | Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems. | change | 2023-01-18 18:07:15
Actions |
| 230815da-be43-4aae-9cb4-875f7bd000aa | Cosmos DB Operator | Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings. | change | 2023-01-16 18:05:52
NotActions |
| 4447db05-44ed-4da3-ae60-6cbece780e32 | Chamber User | Lets you view everything under your Modeling and Simulation Workbench chamber, but not make any changes. | change | 2023-01-16 18:05:52
Description, Actions, DataActions |
| 4e9b8407-af2e-495b-ae54-bb60a55b1b5a | Chamber Admin | Lets you manage everything under your Modeling and Simulation Workbench chamber. | change | 2023-01-16 18:05:52
Description, Actions, NotActions, DataActions |
| 45d50f46-0b78-4001-a660-4198cbe8cd05 | DevCenter Dev Box User | Provides access to create and manage dev boxes. | change | 2023-01-12 18:29:24
DataActions |
| ad2dd5fb-cd4b-4fd4-a9b6-4fed3630980b | ContainerApp Reader | View all containerapp resources, but does not allow you to make any changes. | add | 2023-01-02 18:09:36
Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | change | 2022-12-13 17:44:15
NotDataActions |
| 7ec7ccdc-f61e-41fe-9aaf-980df0a44eba | AgFood Platform Service Reader | Provides read access to AgFood Platform Service | change | 2022-12-13 17:44:15
DataActions |
| e8ddcd69-c73f-4f9f-9844-4100522f16ad | Workbook Contributor | Can save shared workbooks. | change | 2022-12-12 17:45:20
Actions |
| b279062a-9be3-42a0-92ae-8b3cf002ec4d | Workbook Reader | Can read workbooks. | change | 2022-12-12 17:45:20
Actions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2022-12-12 17:45:20
Actions |
| 4ba50f17-9666-485c-a643-ff00808643f0 | FHIR SMART User | Role allows user to access FHIR Service according to SMART on FHIR specification | change | 2022-12-08 17:44:50
DataActions |
| 51d6186e-6489-4900-b93f-92e23144cca5 | Microsoft Sentinel Playbook Operator | Microsoft Sentinel Playbook Operator | change | 2022-12-08 17:44:50
Actions |
| 0e5f05e5-9ab9-446b-b98d-1e2157c94125 | Quota Request Operator | Read and create quota requests, get quota request status, and create support tickets. | change | 2022-12-08 17:44:50
DisplayName, Description, Actions |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-12-08 17:44:50
Actions, DataActions |
| 1afdec4b-e479-420e-99e7-f82237c7c5e6 | Azure Kubernetes Service Cluster Monitoring User | List cluster monitoring user credential action. | add | 2022-11-16 17:42:38
Role |
| f5819b54-e033-4d82-ac66-4fec3cbf3f4c | Azure Connected Machine Resource Manager | Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group | change | 2022-11-16 17:42:38
Actions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2022-11-16 17:42:38
Actions |
| f5819b54-e033-4d82-ac66-4fec3cbf3f4c | Azure Connected Machine Resource Manager | Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group | add | 2022-11-15 17:42:13
Role |
| 7b0c7e81-271f-4c71-90bf-e30bdfdbc2f7 | Azure Center for SAP solutions administrator | This role provides read and write access to all capabilities of Azure Center for SAP solutions. | add | 2022-11-14 17:43:02
Role |
| aabbc5dd-1af0-458b-a942-81af88f9c138 | Azure Center for SAP solutions service role | Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems. | add | 2022-11-14 17:43:02
Role |
| 05352d14-a920-4328-a0de-4cbe7430e26b | Azure Center for SAP solutions reader | This role provides read access to all capabilities of Azure Center for SAP solutions. | add | 2022-11-14 17:43:02
Role |
| 68ff5d27-c7f5-4fa9-a21c-785d0df7bd9e | Impact Reader | Allows read-only access to reported impacts and impact categories | add | 2022-11-14 17:43:02
Role |
| ce551c02-7c42-47e0-9deb-e3b6fc3a9a83 | Azure Arc VMware Private Cloud User | Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs. | change | 2022-11-14 17:43:02
Actions |
| 36e80216-a7e8-4f42-a7e1-f12c98cbaf8a | Impact Reporter | Allows access to create/report, read and delete impacts | add | 2022-11-14 17:43:02
Role |
| 2837e146-70d7-4cfd-ad55-7efa6464f958 | CodeSigning Certificate Profile Signer | Sign files with a certificate profile. This role is in preview and subject to change. | change | 2022-11-03 17:41:51
Actions |
| 4339b7cf-9826-4e41-b4ed-c7f4505dac08 | Code Signing Identity Verifier | Manage identity or business verification requests. This role is in preview and subject to change. | change | 2022-11-02 17:41:52
Actions |
| fbc52c3f-28ad-4303-a892-8a056630b8f1 | Azure Traffic Controller Configuration Manager | Allows access to traffic controller resource. Also allows all confiuration Updates on traffic controller | add | 2022-10-28 16:42:56
Role |
| a001fd3d-188f-4b5d-821b-7da978bf7442 | Cognitive Services OpenAI Contributor | Full access including the ability to fine-tune, deploy and generate text | add | 2022-10-27 16:42:48
Role |
| 4447db05-44ed-4da3-ae60-6cbece780e32 | Chamber User | Lets you view everything under your HPC Workbench chamber, but not make any changes. | change | 2022-10-27 16:42:48
Actions |
| 5e0bd9bd-7b93-4f28-af87-19fc36ad61bd | Cognitive Services OpenAI User | Ability to view files, models, deployments. Readers can't make any changes They can inference | add | 2022-10-27 16:42:48
Role |
| 6b77f0a0-0d89-41cc-acd1-579c22c17a67 | AgFood Platform Sensor Partner Contributor | Provides contribute access to manage sensor related entities in AgFood Platform Service | change | 2022-10-27 16:42:48
DataActions, NotDataActions |
| 4ba50f17-9666-485c-a643-ff00808643f0 | FHIR SMART User | Role allows user to access FHIR Service according to SMART on FHIR specification | add | 2022-10-26 16:44:05
Role |
| 51d6186e-6489-4900-b93f-92e23144cca5 | Microsoft Sentinel Playbook Operator | Microsoft Sentinel Playbook Operator | change | 2022-10-24 16:44:14
Actions |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | change | 2022-10-14 16:34:33
Actions |
| a795c7a0-d4a2-40c1-ae25-d81f01202912 | Backup Reader | Can view backup services, but can't make changes | change | 2022-10-14 16:34:33
Actions |
| 5e467623-bb1f-42f4-a55d-6e525e11384b | Backup Contributor | Lets you manage backup service,but can't create vaults and give access to others | change | 2022-10-14 16:34:33
Actions |
| 3498e952-d568-435e-9b2c-8d77e338d7f7 | Azure Kubernetes Service RBAC Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | change | 2022-10-13 16:34:55
Actions |
| b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b | Azure Kubernetes Service RBAC Cluster Admin | Lets you manage all resources in the cluster. | change | 2022-10-13 16:34:55
Actions |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. | change | 2022-10-13 16:34:55
Actions |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | change | 2022-10-13 16:34:55
Actions |
| 18e40d4e-8d2e-438d-97e1-9528336e149c | Deployment Environments User | Provides access to manage environment resources. | change | 2022-10-12 16:34:55
DisplayName, Description, Actions |
| 331c37c6-af14-46d9-b9f4-e1909e1b95a0 | DevCenter Project Admin | Provides access to manage project resources. | change | 2022-10-12 16:34:55
DataActions |
| 5e467623-bb1f-42f4-a55d-6e525e11384b | Backup Contributor | Lets you manage backup service,but can't create vaults and give access to others | change | 2022-09-28 16:34:30
Actions |
| a795c7a0-d4a2-40c1-ae25-d81f01202912 | Backup Reader | Can view backup services, but can't make changes | change | 2022-09-28 16:34:30
Actions |
| 67d33e57-3129-45e6-bb0b-7cc522f762fa | Azure Arc VMware Private Clouds Onboarding | Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure. | change | 2022-09-27 16:35:31
Actions |
| 331c37c6-af14-46d9-b9f4-e1909e1b95a0 | DevCenter Project Admin | Provides access to manage project resources. | change | 2022-09-27 16:35:31
DataActions |
| 1823dd4f-9b8c-4ab6-ab4e-7397a3684615 | AzureML Registry User | Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources. | add | 2022-09-27 16:35:31
Role |
| e503ece1-11d0-4e8e-8e2c-7a6c3bf38815 | AzureML Compute Operator | Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs). | add | 2022-09-27 16:35:31
Role |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | change | 2022-09-26 16:35:37
Actions |
| 51d6186e-6489-4900-b93f-92e23144cca5 | Microsoft Sentinel Playbook Operator | Microsoft Sentinel Playbook Operator | change | 2022-09-26 16:35:37
Actions |
| 18e40d4e-8d2e-438d-97e1-9528336e149c | Microsoft.DevCenter Deployment Environments User | Microsoft.DevCenter Deployment Environments User. | add | 2022-09-26 16:35:37
Role |
| 80558df3-64f9-4c0f-b32d-e5094b036b0b | Azure Spring Apps Connect Role | Azure Spring Apps Connect Role | add | 2022-09-23 16:35:48
Role |
| a99b0159-1064-4c22-a57b-c9b3caa1c054 | Azure Spring Apps Remote Debugging Role | Azure Spring Apps Remote Debugging Role | add | 2022-09-23 16:35:48
Role |
| 51d6186e-6489-4900-b93f-92e23144cca5 | Microsoft Sentinel Playbook Operator | Microsoft Sentinel Playbook Operator | add | 2022-09-20 16:36:14
Role |
| 5d58bcaf-24a5-4b20-bdb6-eed9f69fbe4c | Management Group Contributor | Management Group Contributor Role | change | 2022-09-19 16:35:35
Actions |
| ac63b705-f282-497d-ac71-919bf39d939d | Management Group Reader | Management Group Reader Role | change | 2022-09-19 16:35:35
Actions |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | change | 2022-09-15 16:34:33
DataActions |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner | Full access to Azure SignalR Service REST APIs | change | 2022-09-15 16:34:33
DataActions |
| c6decf44-fd0a-444c-a844-d653c394e7ab | Data Labeling - Labeler | Can label data in Labeling. | add | 2022-09-09 16:35:25
Role |
| d57506d4-4c8d-48b1-8587-93c323f6a5a3 | Azure Digital Twins Data Reader | Read-only role for Digital Twins data-plane properties | change | 2022-09-08 16:34:42
DisplayName, DataActions |
| 392ae280-861d-42bd-9ea5-08ee6d83b80e | Template Spec Reader | Allows read access to Template Specs at the assigned scope. | add | 2022-09-08 16:34:42
Role |
| bcd981a7-7f74-457b-83e1-cceb9e632ffe | Azure Digital Twins Data Owner | Full access role for Digital Twins data-plane | change | 2022-09-08 16:34:42
DisplayName, DataActions |
| 1c9b6475-caf0-4164-b5a1-2142a7116f4b | Template Spec Contributor | Allows full access to Template Spec operations at the assigned scope. | add | 2022-09-08 16:34:42
Role |
| f58310d9-a9f6-439a-9e8d-f62e7b41a168 | Role Based Access Control Administrator (Preview) | Manage access to Azure resources by assigning roles using Azure RBAC. This role does not allow you to manage access using other ways, such as Azure Policy. | add | 2022-09-07 16:35:18
Role |
| 43d0d8ad-25c7-4714-9337-8ba259a9fe05 | Monitoring Reader | Can read all monitoring data. | change | 2022-09-06 17:33:15
DataActions |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2022-09-06 17:33:15
DataActions |
| 2cc479cb-7b4d-49a8-b449-8c00fd0f0a4b | Web Plan Contributor | Lets you manage the web plans for websites, but not access to them. | change | 2022-09-05 16:34:39
Actions |
| 30b27cfc-9c84-438e-b0ce-70e35255df80 | Azure Kubernetes Fleet Manager RBAC Reader | Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. | change | 2022-08-29 16:36:36
DataActions |
| 434fb43a-c01c-447e-9f67-c3ad923cfaba | Azure Kubernetes Fleet Manager RBAC Admin | This role grants admin access - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces. | change | 2022-08-29 16:36:36
DataActions |
| 5af6afb3-c06c-4fa4-8848-71a8aee05683 | Azure Kubernetes Fleet Manager RBAC Writer | Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | change | 2022-08-29 16:36:36
Description, DataActions |
| ba79058c-0414-4a34-9e42-c3399d80cd5a | Kubernetes Namespace User | Allows a user to read namespace resources and retrieve kubeconfig for the cluster | add | 2022-08-24 16:35:21
Role |
| 5af6afb3-c06c-4fa4-8848-71a8aee05683 | Azure Kubernetes Fleet Manager RBAC Writer | Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | add | 2022-08-22 16:34:26
Role |
| 63bb64ad-9799-4770-b5c3-24ed299a07bf | Azure Kubernetes Fleet Manager Contributor Role | Grants access to read and write Azure Kubernetes Fleet Manager clusters | add | 2022-08-22 16:34:26
Role |
| 30b27cfc-9c84-438e-b0ce-70e35255df80 | Azure Kubernetes Fleet Manager RBAC Reader | Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. | add | 2022-08-22 16:34:26
Role |
| b0d8363b-8ddd-447d-831f-62ca05bff136 | Monitoring Data Reader | Can read all monitoring data. | add | 2022-08-22 16:34:26
Role |
| 434fb43a-c01c-447e-9f67-c3ad923cfaba | Azure Kubernetes Fleet Manager RBAC Admin | This role grants admin access - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces. | add | 2022-08-22 16:34:26
Role |
| 18ab4d3d-a1bf-4477-8ad9-8359bc988f69 | Azure Kubernetes Fleet Manager RBAC Cluster Admin | Lets you manage all resources in the fleet manager cluster. | add | 2022-08-22 16:34:26
Role |
| a2c4a527-7dc0-4ee3-897b-403ade70fafb | Video Indexer Restricted Viewer | Has access to view and search through all video's insights and transcription in the Video Indexer portal. No access to model customization, embedding of widget, downloading videos, or sharing the account. | add | 2022-08-10 16:33:37
Role |
| 8d289c81-5878-46d4-8554-54e1e3d8b5cb | Microsoft Sentinel Reader | Microsoft Sentinel Reader | change | 2022-08-02 16:33:17
NotActions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Microsoft Sentinel Responder | Microsoft Sentinel Responder | change | 2022-08-02 16:33:17
DisplayName, Description, NotActions |
| ab8e14d6-4a74-4a29-9ba8-549422addade | Microsoft Sentinel Contributor | Microsoft Sentinel Contributor | change | 2022-08-02 16:33:17
DisplayName, Description, NotActions |
| 4339b7cf-9826-4e41-b4ed-c7f4505dac08 | Code Signing Identity Verifier | Manage identity or business verification requests. This role is in preview and subject to change. | add | 2022-07-29 16:32:42
Role |
| 45d50f46-0b78-4001-a660-4198cbe8cd05 | DevCenter Dev Box User | Provides access to create and manage dev boxes. | change | 2022-07-25 16:32:45
Actions, DataActions |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2022-07-25 16:32:45
DataActions |
| 5e467623-bb1f-42f4-a55d-6e525e11384b | Backup Contributor | Lets you manage backup service,but can't create vaults and give access to others | change | 2022-07-25 16:32:45
Actions |
| 331c37c6-af14-46d9-b9f4-e1909e1b95a0 | DevCenter Project Admin | Provides access to manage project resources. | change | 2022-07-25 16:32:45
Actions, NotActions, DataActions |
| af6a70f8-3c9f-4105-acf1-d719e9fca4ca | Elastic San Reader | Read Azure Elastic SAN and all sub-resources | change | 2022-07-21 16:31:45
Actions |
| a8281131-f312-4f34-8d98-ae12be9f0d23 | Elastic San Volume Group Owner | Lets you manage a volume group in elastic san account | change | 2022-07-21 16:31:45
Actions |
| 489581de-a3bd-480d-9518-53dea7416b33 | Desktop Virtualization Power On Contributor | This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines. | add | 2022-07-18 16:33:50
Role |
| 40c5ff49-9181-41f8-ae61-143b0e78555e | Desktop Virtualization Power On Off Contributor | This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to start and stop virtual machines. | add | 2022-07-18 16:33:50
Role |
| a959dbd1-f747-45e3-8ba6-dd80f235f97c | Desktop Virtualization Virtual Machine Contributor | This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines. | add | 2022-07-18 16:33:50
Role |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-07-13 16:33:16
Actions, DataActions |
| 43d0d8ad-25c7-4714-9337-8ba259a9fe05 | Monitoring Reader | Can read all monitoring data. | change | 2022-07-07 16:32:17
DataActions |
| a8281131-f312-4f34-8d98-ae12be9f0d23 | Elastic San Volume Group Owner | Lets you manage a volume group in elastic san account | add | 2022-07-04 16:35:09
Role |
| 76cc9ee4-d5d3-4a45-a930-26add3d73475 | Access Review Operator Service Role | Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process. | add | 2022-07-04 16:35:09
Role |
| 80dcbedb-47ef-405d-95bd-188a1b4ac406 | Elastic San Contributor | Lets you manage elastic san accounts | change | 2022-06-29 16:32:23
Actions |
| eeaeda52-9324-47f6-8069-5d5bade478b2 | Domain Services Contributor | Can manage Azure AD Domain Services and related network configurations | change | 2022-06-27 16:32:39
Actions |
| 361898ef-9ed1-48c2-849c-a832951106bb | Domain Services Reader | Can view Azure AD Domain Services and related network configurations | change | 2022-06-27 16:32:39
Actions |
| eeaeda52-9324-47f6-8069-5d5bade478b2 | Domain Services Contributor | Can manage Azure AD Domain Services and related network configurations | change | 2022-06-22 16:32:37
Actions |
| 361898ef-9ed1-48c2-849c-a832951106bb | Domain Services Reader | Can view Azure AD Domain Services and related network configurations | change | 2022-06-22 16:32:37
Actions |
| 7628b7b8-a8b2-4cdc-b46f-e9b35248918e | Cognitive Services Language Reader | Has access to Read and Test functions under Language portal | change | 2022-06-17 16:31:04
DataActions |
| d24ecba3-c1f4-40fa-a7bb-4588a071e8fd | VM Scanner Operator | Role that provides access to disk snapshot for security analysis. | add | 2022-06-08 16:32:24
Role |
| af6a70f8-3c9f-4105-acf1-d719e9fca4ca | Elastic San Reader | Read Azure Elastic SAN and all sub-resources | add | 2022-06-01 16:31:39
Role |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | change | 2022-05-31 16:32:29
DataActions |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-05-30 16:30:40
Actions, DataActions |
| 80dcbedb-47ef-405d-95bd-188a1b4ac406 | Elastic San Contributor | Lets you manage elastic san accounts | add | 2022-05-26 16:30:22
Role |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice. | change | 2022-05-20 16:30:38
Actions |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models. | change | 2022-05-20 16:30:38
Actions |
| 0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8 | Azure Kubernetes Service Cluster Admin Role | List cluster admin credential action. | change | 2022-05-17 16:30:38
Actions |
| c031e6a8-4391-4de0-8d69-4706a7ed3729 | API Management Developer Portal Content Editor | Can customize the developer portal, edit its content, and publish it. | add | 2022-05-11 16:32:15
Role |
| 8d289c81-5878-46d4-8554-54e1e3d8b5cb | Microsoft Sentinel Reader | Microsoft Sentinel Reader | change | 2022-05-09 16:29:26
DisplayName, Description, Actions |
| e582369a-e17b-42a5-b10c-874c387c530b | Azure Arc ScVmm VM Contributor | Arc ScVmm VM Contributor has permissions to perform all VM actions. | add | 2022-05-05 21:31:23
Role |
| a92dfd61-77f9-4aec-a531-19858b406c87 | Azure Arc ScVmm Administrator role | Arc ScVmm VM Administrator has permissions to perform all ScVmm actions. | add | 2022-05-05 21:31:23
Role |
| c0781e91-8102-4553-8951-97c6d4243cda | Azure Arc ScVmm Private Cloud User | Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs. | add | 2022-05-05 21:31:23
Role |
| 6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9 | Azure Arc ScVmm Private Clouds Onboarding | Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure. | add | 2022-05-05 21:31:23
Role |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-05-04 16:30:32
Actions |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-05-03 16:57:51
Actions |
| 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 | SQL Server Contributor | Lets you manage SQL servers and databases, but not access to them, and not their security -related policies. | change | 2022-04-29 18:06:01
NotActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2022-04-28 17:39:09
Actions |
| 4465e953-8ced-4406-a58e-0f6e3f3b530b | FHIR Data Importer | Role allows user or principal to read and import FHIR Data | add | 2022-04-21 16:39:45
Role |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor | Lets you perform backup and restore operations using Azure Backup on the storage account. | change | 2022-04-20 16:54:13
DisplayName, Description, Actions |
| 602da2ba-a5c2-41da-b01d-5360126ab525 | Virtual Machine Local User Login | View Virtual Machines in the portal and login as a local user configured on the arc server | change | 2022-04-18 16:32:42
Actions |
| f7b75c60-3036-4b75-91c3-6b41c27c1689 | Reservation Purchaser | Lets you purchase reservations | change | 2022-04-14 16:55:58
Actions |
| cd08ab90-6b14-449c-ad9a-8f8e549482c6 | Scheduled Patching Contributor | Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments | change | 2022-04-13 16:45:15
Actions |
| cd08ab90-6b14-449c-ad9a-8f8e549482c6 | Scheduled Patching Contributor | Provides access to manage maintenance configurations with maintenance scope InGuestPatch and corresponding configuration assignments | add | 2022-04-11 16:38:49
Role |
| 602da2ba-a5c2-41da-b01d-5360126ab525 | Virtual Machine Local User Login | View Virtual Machines in the portal and login as a local user configured on the arc server | add | 2022-04-07 17:18:35
Role |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-04-05 17:06:52
Actions |
| 331c37c6-af14-46d9-b9f4-e1909e1b95a0 | DevCenter Project Admin | Provides access to manage project resources. | add | 2022-04-01 20:29:16
Role |
| 45d50f46-0b78-4001-a660-4198cbe8cd05 | DevCenter Dev Box User | Provides access to create and manage dev boxes. | add | 2022-03-31 18:06:31
Role |
| f2310ca1-dc64-4889-bb49-c8e0fa3d47a8 | Cognitive Services Language Writer | Has access to all Read, Test, and Write functions under Language Portal | change | 2022-03-30 16:45:33
DataActions, NotDataActions |
| 7628b7b8-a8b2-4cdc-b46f-e9b35248918e | Cognitive Services Language Reader | Has access to Read and Test functions under Language portal | change | 2022-03-30 16:45:33
DataActions, NotDataActions |
| f07febfe-79bc-46b1-8b37-790e26e6e498 | Cognitive Services Language Owner | Has access to all Read, Test, Write, Deploy and Delete functions under Language portal | change | 2022-03-30 16:45:33
DataActions, NotDataActions |
| 1ef6a3be-d0ac-425d-8c01-acb62866290b | Compute Gallery Sharing Admin | This role allows user to share gallery to another subscription/tenant or share it to the public. | add | 2022-03-28 17:59:08
Role |
| 18ed5180-3e48-46fd-8541-4ea054d57064 | Azure Kubernetes Service Policy Add-on Deployment | Deploy the Azure Policy add-on on Azure Kubernetes Service clusters | change | 2022-03-16 17:58:57
Actions |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | change | 2022-03-16 17:58:57
Actions |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2022-03-11 18:17:07
Actions |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice. | change | 2022-03-10 18:07:12
DataActions |
| 6b77f0a0-0d89-41cc-acd1-579c22c17a67 | AgFood Platform Sensor Partner Contributor | Provides contribute access to manage sensor related entities in AgFood Platform Service | add | 2022-03-09 19:15:11
Role |
| 18500a29-7fe2-46b2-a342-b16a415e101d | Managed HSM contributor | Lets you manage managed HSM pools, but not access to them. | change | 2022-03-08 17:46:41
Actions |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2022-03-08 17:46:41
Actions |
| 959f8984-c045-4866-89c7-12bf9737be2e | Data Operator for Managed Disks | Provides permissions to upload data to empty managed disks, read, or export data of managed disks (not attached to running VMs) and snapshots using SAS URIs and Azure AD authentication. | add | 2022-03-01 18:03:34
Role |
| 0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d | DNS Resolver Contributor | Lets you manage DNS resolver resources | change | 2022-03-01 18:03:34
Actions |
| 0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d | DNS Resolver Contributor | Lets you manage DNS resolver resources | add | 2022-02-28 17:26:57
Role |
| eeaeda52-9324-47f6-8069-5d5bade478b2 | Domain Services Contributor | Can manage Azure AD Domain Services and related network configurations | add | 2022-02-23 18:03:00
Role |
| 361898ef-9ed1-48c2-849c-a832951106bb | Domain Services Reader | Can view Azure AD Domain Services and related network configurations | add | 2022-02-23 18:03:00
Role |
| 088ab73d-1256-47ae-bea9-9de8e7131f31 | Guest Configuration Resource Contributor | Lets you read, write Guest Configuration Resource. | change | 2022-02-11 18:30:29
Description, Actions |
| 18ed5180-3e48-46fd-8541-4ea054d57064 | Azure Kubernetes Service Policy Add-on Deployment | Deploy the Azure Policy add-on on Azure Kubernetes Service clusters | change | 2022-02-10 17:19:06
Actions |
| 18ed5180-3e48-46fd-8541-4ea054d57064 | Azure Kubernetes Service Policy Add-on Deployment | Deploy the Azure Policy add-on on Azure Kubernetes Service clusters | add | 2022-02-08 18:24:32
Role |
| a6333a3e-0164-44c3-b281-7a577aff287f | Windows Admin Center Administrator Login | Let's you manage the OS of your resource via Windows Admin Center as an administrator. | add | 2022-02-07 17:17:23
Role |
| 00493d72-78f6-4148-b6c5-d3ce8e4799dd | Azure Arc Enabled Kubernetes Cluster User Role | List cluster user credentials action. | change | 2022-02-02 17:45:29
Actions |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models. | change | 2022-01-28 19:51:28
DataActions, NotDataActions |
| 4447db05-44ed-4da3-ae60-6cbece780e32 | Chamber User | Lets you view everything under your HPC Workbench chamber, but not make any changes. | change | 2022-01-27 17:51:50
Actions |
| 871e35f6-b5c1-49cc-a043-bde969a0f2cd | CDN Endpoint Reader | Can view CDN endpoints, but can't make changes. | change | 2022-01-27 17:51:50
Actions |
| f4c81013-99ee-4d62-a7ee-b3f1f648599a | Microsoft Sentinel Automation Contributor | Microsoft Sentinel Automation Contributor | change | 2022-01-26 17:48:32
DisplayName, Description, Actions |
| 4e9b8407-af2e-495b-ae54-bb60a55b1b5a | Chamber Admin | Lets you manage everything under your HPC Workbench chamber. | add | 2022-01-20 18:36:47
Role |
| 4447db05-44ed-4da3-ae60-6cbece780e32 | Chamber User | Lets you view everything under your HPC Workbench chamber, but not make any changes. | add | 2022-01-20 18:36:47
Role |
| 088ab73d-1256-47ae-bea9-9de8e7131f31 | Guest Configuration Resource Contributor | Grants access to read or write to Guest Configuration resources. | add | 2022-01-14 17:44:10
Role |
| 67d33e57-3129-45e6-bb0b-7cc522f762fa | Azure Arc VMware Private Clouds Onboarding | Azure Arc VMware Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vCenter instances to Azure. | add | 2022-01-14 17:44:10
Role |
| e4237640-0e3d-4a46-8fda-70bc94856432 | Device Update Deployments Administrator | Gives you full access to management operations | change | 2022-01-13 19:18:33
DataActions |
| 49e2f5d2-7741-4835-8efa-19e1fe35e47f | Device Update Deployments Reader | Gives you read access to management operations, but does not allow making changes | change | 2022-01-13 19:18:33
DataActions |
| 14b46e9e-c2b7-41b4-b07b-48a6ebf60603 | Key Vault Crypto Officer | Perform any action on the keys of a key vault, except manage permissions. Only works for key vaults that use the 'Azure role-based access control' permission model. | change | 2022-01-07 18:14:37
DisplayName, DataActions |
| 27f8b550-c507-4db9-86f2-f4b8e816d59d | Autonomous Development Platform Data Owner (Preview) | Grants full access to Autonomous Development Platform data. | change | 2022-01-04 13:44:22
Actions, DataActions |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | change | 2022-01-04 13:44:22
Actions, DataActions, NotDataActions |
| d63b75f7-47ea-4f27-92ac-e0d173aaf093 | Autonomous Development Platform Data Reader (Preview) | Grants read access to Autonomous Development Platform data. | change | 2022-01-04 13:44:22
Actions, DataActions |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2022-01-04 11:26:52
Actions |
| 3913510d-42f4-4e42-8a64-420c390055eb | Monitoring Metrics Publisher | Enables publishing metrics against Azure resources | change | 2022-01-04 11:26:52
DataActions |
| b279062a-9be3-42a0-92ae-8b3cf002ec4d | Workbook Reader | Can read workbooks. | change | 2022-01-04 11:26:52
Actions |
| e8ddcd69-c73f-4f9f-9844-4100522f16ad | Workbook Contributor | Can save shared workbooks. | change | 2022-01-04 11:26:52
Actions |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | change | 2021-12-16 17:24:54
Actions |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | change | 2021-12-15 17:18:05
Actions |
| fb879df8-f326-4884-b1cf-06f3ad86be52 | Virtual Machine User Login | View Virtual Machines in the portal and login as a regular user. | change | 2021-11-18 17:19:50
Actions |
| 1c0163c0-47e6-4577-8991-ea5c82e286e4 | Virtual Machine Administrator Login | View Virtual Machines in the portal and login as administrator | change | 2021-11-18 17:19:50
Actions |
| 12cf5a90-567b-43ae-8102-96cf46c7d9b4 | Web PubSub Service Owner (Preview) | Full access to Azure Web PubSub Service REST APIs | change | 2021-11-16 16:27:38
DataActions |
| bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf | Web PubSub Service Reader (Preview) | Read-only access to Azure Web PubSub Service REST APIs | change | 2021-11-16 16:27:38
DataActions |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server | Lets your app server access SignalR Service with AAD auth options. | change | 2021-11-16 16:27:38
DisplayName, DataActions |
| fb1c8493-542b-48eb-b624-b4c8fea62acd | Security Admin | Security Admin Role | change | 2021-11-15 17:00:51
NotActions |
| f69b8690-cc87-41d6-b77a-a4bc3c0a966f | Lab Services Contributor | The lab services contributor role | add | 2021-11-11 17:21:27
Role |
| ce40b423-cede-4313-a93f-9b28290b72e1 | Lab Assistant | The lab assistant role | add | 2021-11-11 17:21:27
Role |
| 5daaa2af-1fe8-407c-9122-bba179798270 | Lab Contributor | The lab contributor role | add | 2021-11-11 17:21:27
Role |
| 2a5c394f-5eb7-4d4f-9c8e-e8eae39faebc | Lab Services Reader | The lab services reader role | add | 2021-11-11 17:21:27
Role |
| b2de6794-95db-4659-8781-7e080d3f2b9d | Cognitive Services Immersive Reader User | Provides access to create Immersive Reader sessions and call APIs | add | 2021-11-11 17:21:27
Role |
| b97fb8bc-a8b2-4522-a38b-dd33c7e65ead | Lab Creator | Lets you create new labs under your Azure Lab Accounts. | change | 2021-11-11 17:21:27
Actions, DataActions |
| a36e6959-b6be-4b12-8e9f-ef4b474d304d | Lab Operator | The lab operator role | add | 2021-11-11 17:21:27
Role |
| 0c8b84dc-067c-4039-9615-fa1a4b77c726 | PlayFab Contributor | Provides contributor access to PlayFab resources | add | 2021-11-10 17:42:24
Role |
| 3ae3fb29-0000-4ccd-bf80-542e7b26e081 | Load Test Reader | View and list all load tests and load test resources but can not make any changes | add | 2021-11-10 17:42:24
Role |
| 749a398d-560b-491b-bb21-08924219302e | Load Test Contributor | View, create, update, delete and execute load tests. View and list load test resources but can not make any changes. | add | 2021-11-09 16:56:00
Role |
| 45bb0b16-2f0c-4e78-afaa-a07599b003f6 | Load Test Owner | Execute all operations on load test resources and load tests | add | 2021-11-09 16:56:00
Role |
| a9a19cc5-31f4-447c-901f-56c0bb18fcaf | PlayFab Reader | Provides read access to PlayFab resources | add | 2021-11-08 16:50:39
Role |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2021-11-08 16:50:39
Actions |
| ddc140ed-e463-4246-9145-7c664192013f | Azure Arc VMware Administrator role | Arc VMware VM Contributor has permissions to perform all connected VMwarevSphere actions. | add | 2021-11-05 17:28:15
Role |
| 7628b7b8-a8b2-4cdc-b46f-e9b35248918e | Cognitive Services Language Reader | Has access to Read and Test functions under Language portal | add | 2021-11-04 17:27:00
Role |
| f72c8140-2111-481c-87ff-72b910f6e3f8 | Cognitive Services LUIS Owner | Has access to all Read, Test, Write, Deploy and Delete functions under LUIS | add | 2021-11-04 17:27:00
Role |
| 6322a993-d5c9-4bed-b113-e49bbea25b27 | Cognitive Services LUIS Writer | Has access to all Read, Test, and Write functions under LUIS | add | 2021-11-04 17:27:00
Role |
| f07febfe-79bc-46b1-8b37-790e26e6e498 | Cognitive Services Language Owner | Has access to all Read, Test, Write, Deploy and Delete functions under Language portal | add | 2021-11-04 17:27:00
Role |
| f2310ca1-dc64-4889-bb49-c8e0fa3d47a8 | Cognitive Services Language Writer | Has access to all Read, Test, and Write functions under Language Portal | add | 2021-11-04 17:27:00
Role |
| 18e81cdc-4e98-4e29-a639-e7d10c5a6226 | Cognitive Services LUIS Reader | Has access to Read and Test functions under LUIS. | add | 2021-11-04 17:27:00
Role |
| b748a06d-6150-4f8a-aaa9-ce3940cd96cb | Azure Arc VMware VM Contributor | Arc VMware VM Contributor has permissions to perform all VM actions. | add | 2021-10-28 15:43:30
Role |
| ce551c02-7c42-47e0-9deb-e3b6fc3a9a83 | Azure Arc VMware Private Cloud User | Azure Arc VMware Private Cloud User has permissions to use the VMware cloud resources to deploy VMs. | add | 2021-10-28 15:43:30
Role |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models. | change | 2021-10-26 15:38:27
Actions |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice. | change | 2021-10-26 15:38:27
Actions |
| 8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204 | Azure Maps Data Contributor | Grants access to read, write, and delete access to map related data from an Azure maps account. | change | 2021-10-13 16:30:51
DataActions |
| 6be48352-4f82-47c9-ad5e-0acacefdb005 | Azure Maps Search and Render Data Reader | Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs. | add | 2021-10-04 15:27:18
Role |
| dba33070-676a-4fb0-87fa-064dc56ff7fb | Azure Maps Contributor | Grants access all Azure Maps resource management. | add | 2021-10-04 15:27:18
Role |
| 9980e02c-c2be-4d73-94e8-173b1dc7cf3c | Virtual Machine Contributor | Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to. | change | 2021-10-01 15:34:12
Actions |
| 60fc6e62-5479-42d4-8bf4-67625fcc2840 | Disk Pool Operator | Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool. | add | 2021-09-14 15:45:54
Role |
| 6ae96244-5829-4925-a7d3-5975537d91dd | Azure VM Managed identities restore Contributor | Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system | add | 2021-09-13 16:35:21
Role |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR REST API Owner | Full access to Azure SignalR Service REST APIs | change | 2021-09-13 16:35:21
DisplayName, Description, DataActions |
| 494ae006-db33-4328-bf46-533a6560a3ca | Site Recovery Operator | Lets you failover and failback but not perform other Site Recovery management operations | change | 2021-09-10 15:51:14
Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | change | 2021-09-08 15:40:07
Actions |
| a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b | Azure Spring Cloud Config Server Contributor | Allow read, write and delete access to Azure Spring Cloud Config Server | add | 2021-09-06 17:54:17
Role |
| 6670b86e-a3f7-4917-ac9b-5d6ab1be4567 | Site Recovery Contributor | Lets you manage Site Recovery service except vault creation and role assignment | change | 2021-09-02 16:18:17
Actions |
| dbaa88c4-0c30-4179-9fb3-46319faa6149 | Site Recovery Reader | Lets you view Site Recovery status but not perform other management operations | change | 2021-09-02 16:18:17
Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | change | 2021-09-01 15:00:06
Actions |
| f353d9bd-d4a6-484e-a77a-8050b599b867 | Automation Contributor | Manage azure automation resources and other resources using azure automation. | change | 2021-09-01 15:00:06
Actions |
| d04c6db6-4947-4782-9e91-30a88feb7be7 | Azure Spring Cloud Config Server Reader | Allow read access to Azure Spring Cloud Config Server | add | 2021-08-26 16:23:33
Role |
| f5880b48-c26d-48be-b172-7927bfa1c8f1 | Azure Spring Cloud Service Registry Contributor | Allow read, write and delete access to Azure Spring Cloud Service Registry | add | 2021-08-20 15:48:24
Role |
| cff1b556-2399-4e7e-856d-a8f754be7b65 | Azure Spring Cloud Service Registry Reader | Allow read access to Azure Spring Cloud Service Registry | add | 2021-08-20 15:48:24
Role |
| 9980e02c-c2be-4d73-94e8-173b1dc7cf3c | Virtual Machine Contributor | Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to. | change | 2021-08-19 16:32:19
Actions |
| 2837e146-70d7-4cfd-ad55-7efa6464f958 | CodeSigning Certificate Profile Signer | Sign files with a certificate profile. This role is in preview and subject to change. | add | 2021-08-17 16:31:35
Role |
| a79a5197-3a5c-4973-a920-486035ffd60f | Grafana Editor | Built-in Grafana Editor role | add | 2021-08-13 17:07:50
Role |
| 22926164-76b3-42b3-bc55-97df8dab3e41 | Grafana Admin | Built-in Grafana admin role | add | 2021-08-13 17:07:50
Role |
| 60921a7e-fef1-4a43-9b16-a26c52ad4769 | Grafana Viewer | Built-in Grafana Viewer role | add | 2021-08-13 17:07:50
Role |
| 39bc4728-0917-49c7-9d2c-d95423bc2eb4 | Security Reader | Security Reader Role | change | 2021-08-12 19:47:01
Actions |
| fb1c8493-542b-48eb-b624-b4c8fea62acd | Security Admin | Security Admin Role | change | 2021-08-12 19:47:01
NotActions |
| 85cb6faf-e071-4c9b-8136-154b5a04f717 | Kubernetes Extension Contributor | Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations | add | 2021-08-11 15:29:45
Role |
| dfce44e4-17b7-4bd1-a6d1-04996ec95633 | Device Provisioning Service Data Contributor | Allows for full access to Device Provisioning Service data-plane operations. | add | 2021-08-09 22:29:09
Role |
| 10745317-c249-44a1-a5ce-3a4353c0bbd8 | Device Provisioning Service Data Reader | Allows for full read access to Device Provisioning Service data-plane properties. | add | 2021-08-09 22:29:09
Role |
| f353d9bd-d4a6-484e-a77a-8050b599b867 | Automation Contributor | Manage azure automation resources and other resources using azure automation. | add | 2021-08-09 19:32:28
Role |
| 92aaf0da-9dab-42b6-94a3-d43ce8d16293 | Log Analytics Contributor | Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources. | change | 2021-08-06 15:06:08
Description, Actions |
| 15e0f5a1-3450-4248-8e25-e2afe88a9e85 | Test Base Reader | Let you view and download packages and test results. | change | 2021-08-06 15:06:08
Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | change | 2021-08-06 15:06:08
Actions |
| ab8e14d6-4a74-4a29-9ba8-549422addade | Azure Sentinel Contributor | Azure Sentinel Contributor | change | 2021-08-05 14:48:34
Actions |
| 8d289c81-5878-46d4-8554-54e1e3d8b5cb | Azure Sentinel Reader | Azure Sentinel Reader | change | 2021-08-05 14:48:34
Actions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | change | 2021-08-05 14:48:34
Actions |
| 25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68 | Cognitive Services Contributor | Lets you create, read, update, delete and manage keys of Cognitive Services. | change | 2021-08-03 20:37:08
Actions |
| 1c0163c0-47e6-4577-8991-ea5c82e286e4 | Virtual Machine Administrator Login | View Virtual Machines in the portal and login as administrator | change | 2021-08-02 15:58:24
Actions, DataActions |
| fb879df8-f326-4884-b1cf-06f3ad86be52 | Virtual Machine User Login | View Virtual Machines in the portal and login as a regular user. | change | 2021-08-02 15:58:24
Actions, DataActions |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice. | change | 2021-07-29 15:40:44
Description, DataActions |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner | Full access to Azure SignalR Service REST APIs | change | 2021-07-29 15:40:44
DisplayName, DataActions |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models. | change | 2021-07-29 15:40:44
Description, DataActions, NotDataActions |
| 26e0b698-aa6d-4085-9386-aadae190014d | Azure Relay Listener | Allows for listen access to Azure Relay resources. | add | 2021-07-21 16:02:28
Role |
| 26baccc8-eea7-41f1-98f4-1762cc7f685d | Azure Relay Sender | Allows for send access to Azure Relay resources. | add | 2021-07-20 17:09:18
Role |
| 2787bf04-f1f5-4bfe-8383-c8a24483ee38 | Azure Relay Owner | Allows for full access to Azure Relay resources. | add | 2021-07-20 17:09:18
Role |
| e8113dce-c529-4d33-91fa-e9b972617508 | Azure Connected SQL Server Onboarding | Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS. | add | 2021-07-19 14:20:08
Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | change | 2021-07-19 14:20:08
NotDataActions |
| 3db33094-8700-4567-8da5-1501d4e7e843 | FHIR Data Exporter | Role allows user or principal to read and export FHIR Data | change | 2021-07-19 14:20:08
DataActions |
| f6c7c914-8db3-469d-8ca1-694a8f32e121 | AzureML Data Scientist | Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself. | add | 2021-07-15 16:24:54
Role |
| 39bc4728-0917-49c7-9d2c-d95423bc2eb4 | Security Reader | Security Reader Role | change | 2021-07-12 16:24:45
Actions |
| 60fc6e62-5479-42d4-8bf4-67625fcc2840 | Disk Pool Operator | Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool. | remove | 2021-07-12 16:24:45
Role |
| 60fc6e62-5479-42d4-8bf4-67625fcc2840 | Disk Pool Operator | Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool. | add | 2021-07-09 14:39:01
Role |
| 4c8d0bbc-75d3-4935-991f-5f3c56d81508 | FHIR Data Reader | Role allows user or principal to read FHIR Data | change | 2021-07-09 14:39:01
DataActions |
| a1705bd2-3a8f-45a5-8683-466fcfd5cc24 | FHIR Data Converter | Role allows user or principal to convert data from legacy format to FHIR | change | 2021-07-09 14:39:01
DataActions |
| 3f88fce4-5892-4214-ae73-ba5294559913 | FHIR Data Writer | Role allows user or principal to read and write FHIR Data | change | 2021-07-09 14:39:01
DataActions, NotDataActions |
| 5a1fc7df-4bf1-4951-a576-89034ee01acd | FHIR Data Contributor | Role allows user or principal full access to FHIR Data | change | 2021-07-09 14:39:01
DataActions |
| fb1c8493-542b-48eb-b624-b4c8fea62acd | Security Admin | Security Admin Role | change | 2021-07-08 14:19:50
Actions |
| c8d4ff99-41c3-41a8-9f60-21dfdad59608 | AcrQuarantineWriter | acr quarantine data writer | change | 2021-07-07 15:26:33
DataActions |
| d5a91429-5739-47e2-a06b-3470a27159e7 | EventGrid Data Sender | Allows send access to event grid events. | add | 2021-07-05 14:23:05
Role |
| 6cef56e8-d556-48e5-a04f-b8e64114680f | AcrImageSigner | acr image signer | change | 2021-06-24 14:29:36
DataActions |
| cdda3590-29a3-44f6-95f2-9f980659eb04 | AcrQuarantineReader | acr quarantine data reader | change | 2021-06-24 14:29:36
DataActions |
| 58a3b984-7adf-4c20-983a-32417c86fbc8 | DICOM Data Owner | Full access to DICOM data. | add | 2021-06-18 14:19:53
Role |
| e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a | DICOM Data Reader | Read and search DICOM data. | add | 2021-06-18 14:19:53
Role |
| 0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3 | Storage Table Data Contributor | Allows for read, write and delete access to Azure Storage tables and entities | add | 2021-06-15 14:06:27
Role |
| 76199698-9eea-4c19-bc75-cec21354c6b6 | Storage Table Data Reader | Allows for read access to Azure Storage tables and entities | add | 2021-06-15 14:06:27
Role |
| 5e467623-bb1f-42f4-a55d-6e525e11384b | Backup Contributor | Lets you manage backup service,but can't create vaults and give access to others | change | 2021-06-14 13:58:52
Actions |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | change | 2021-06-14 13:58:52
Actions |
| 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec | SQL DB Contributor | Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers. | change | 2021-06-10 15:19:34
NotActions |
| a795c7a0-d4a2-40c1-ae25-d81f01202912 | Backup Reader | Can view backup services, but can't make changes | change | 2021-06-10 15:19:34
Actions |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | change | 2021-06-09 16:50:31
Actions |
| 1407120a-92aa-4202-b7e9-c0e197c71c8f | Search Index Data Reader | Grants read access to Azure Cognitive Search index data. | add | 2021-06-02 22:45:24
Role |
| 8ebe5a00-799e-43f5-93ac-243d3dce84a7 | Search Index Data Contributor | Grants full access to Azure Cognitive Search index data. | add | 2021-06-02 22:45:24
Role |
| a795c7a0-d4a2-40c1-ae25-d81f01202912 | Backup Reader | Can view backup services, but can't make changes | change | 2021-05-25 14:52:54
Actions |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | change | 2021-05-24 17:13:01
DataActions |
| a37b566d-3efa-4beb-a2f2-698963fa42ce | Security Detonation Chamber Submission Manager | Allowed to create and manage submissions to Security Detonation Chamber | change | 2021-05-24 17:13:01
DataActions |
| 15e0f5a1-3450-4248-8e25-e2afe88a9e85 | Test Base Reader | Let you view and download packages and test results. | add | 2021-05-12 14:41:18
Role |
| 532bc159-b25e-42c0-969e-a1d439f60d77 | Media Services Live Events Administrator | Create, read and modify Live Events, Assets, Asset Filters and Streaming Locators; read-only access to other Media Services resources. | add | 2021-05-07 14:29:30
Role |
| 99dba123-b5fe-44d5-874c-ced7199a5804 | Media Services Streaming Endpoints Administrator | Create, read, modify and delete Streaming Endpoints; read-only access to other Media Services resources. | add | 2021-05-07 14:29:30
Role |
| c4bba371-dacd-4a26-b320-7250bca963ae | Media Services Policy Administrator | Create, read, modify, and delete Account Filters, Streaming Policies, Content Key Policies and Transforms; read-only access to other Media Services resources. Cannot create Jobs, Assets or Streaming resources. | add | 2021-05-07 14:29:30
Role |
| e4395492-1534-4db2-bedf-88c14621589c | Media Services Media Operator | Create, read, modify, and delete of Assets, Asset Filters, Streaming Locators and Jobs; read-only access to other Media Services resources. | add | 2021-05-07 14:29:30
Role |
| 054126f8-9a2b-4f1c-a9ad-eca461f08466 | Media Services Account Administrator | Create, read, modify and delete Media Services accounts; read-only access to other Media Services resources. | add | 2021-05-03 14:09:38
Role |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | change | 2021-04-29 16:55:26
Actions |
| 1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf | Stream Analytics Query Tester | Lets you perform query testing without creating a stream analytics job first | add | 2021-04-27 15:39:18
Role |
| 7a6f0e70-c033-4fb1-828c-08514e5f4102 | Collaborative Runtime Operator | Can manage resources created by AICS at runtime | change | 2021-04-26 14:08:50
Actions |
| 4ea46cd5-c1b2-4a8e-910b-273211f9ce47 | Azure Iot Hubs Registry Contributor | Allows for full access to Azure IoT Hubs device registry. | add | 2021-04-23 13:42:10
Role |
| b447c946-2db7-41ec-983d-d8bf3b1c77e3 | Azure Iot Hubs Data Reader | Allows for full read access to Azure Iot Hubs data-plane properties | add | 2021-04-23 13:42:10
Role |
| 494bdba2-168f-4f31-a0a1-191d2f7c028c | Azure Iot?Hubs?Twin?Contributor | Allows for read and write access to all Azure IoT Hubs device and module twins. | add | 2021-04-23 13:42:10
Role |
| 4fc6c259-987e-4a07-842e-c321cc9d413f | Azure Iot?Hubs?Data?Contributor | Allows for full access to Azure IoT Hubs data plane operations. | add | 2021-04-23 13:42:10
Role |
| a2138dac-4907-4679-a376-736901ed8ad8 | AnyBuild Builder | Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities. | add | 2021-04-21 13:28:47
Role |
| 9894cab4-e18a-44aa-828b-cb588cd6f2d7 | Cognitive Services Face Recognizer | Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices. | add | 2021-03-31 14:35:06
Role |
| f2dc8367-1007-4938-bd23-fe263f013447 | Cognitive Services Speech User | This is a role that can create, read, change and delete batch transcriptions, do real time transcriptions and list or get other speech resources. | add | 2021-03-30 13:51:32
Role |
| 0e75ca1e-0464-4b4d-8b93-68208a576181 | Cognitive Services Speech Contributor | This is a role that can read, write and delete all speech resources. | add | 2021-03-30 13:51:32
Role |
| b5537268-8956-4941-a8f0-646150406f0c | Azure Spring Cloud Data Reader | Allow read access to Azure Spring Cloud Data | add | 2021-03-25 15:40:30
Role |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | change | 2021-03-24 14:32:47
DataActions |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | change | 2021-03-24 14:32:47
Actions |
| b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 | Azure Connected Machine Onboarding | Can onboard Azure Connected Machines. | change | 2021-03-24 14:32:47
Actions |
| bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf | Web PubSub Service Reader (Preview) | Read-only access to Azure Web PubSub Service REST APIs | add | 2021-03-24 14:32:47
Role |
| 12cf5a90-567b-43ae-8102-96cf46c7d9b4 | Web PubSub Service Owner (Preview) | Full access to Azure Web PubSub Service REST APIs | add | 2021-03-24 14:32:47
Role |
| daa9e50b-21df-454c-94a6-a8050adab352 | Collaborative Data Contributor | Can manage data packages of a collaborative. | change | 2021-03-17 17:26:57
Actions |
| d17ce0a2-0697-43bc-aac5-9113337ab61c | WorkloadBuilder Migration Agent Role | WorkloadBuilder Migration Agent Role. | add | 2021-03-12 15:32:19
Role |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | Cognitive Services QnA Maker Editor | Let's you create, edit, import and export a KB. You cannot publish or delete a KB. | change | 2021-03-11 15:16:45
DataActions |
| 466ccd10-b268-4a11-b098-b4849f024126 | Cognitive Services QnA Maker Reader | Let's you read and test a KB only. | change | 2021-03-11 15:16:45
DataActions |
| 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 | SQL Server Contributor | Lets you manage SQL servers and databases, but not access to them, and not their security -related policies. | change | 2021-03-09 14:37:39
NotActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2021-03-09 14:37:39
Actions |
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | change | 2021-03-08 14:55:25
DataActions |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Experimentation Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | change | 2021-03-08 14:55:25
DisplayName, Actions, DataActions |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | change | 2021-03-08 14:55:25
Actions |
| 352470b3-6a9c-4686-b503-35deb827e500 | Security Detonation Chamber Publisher | Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber | change | 2021-03-08 14:55:25
DataActions |
| ca0835dd-bacc-42dd-8ed2-ed5e7230d15b | Object Anchors Account Owner | Provides user with ingestion capabilities for an object anchors account. | add | 2021-03-02 15:11:43
Role |
| 4a167cdf-cb95-4554-9203-2347fe489bd9 | Object Anchors Account Reader | Lets you read ingestion jobs for an object anchors account. | add | 2021-03-02 15:11:43
Role |
| 28241645-39f8-410b-ad48-87863e2951d5 | Security Detonation Chamber Reader | Allowed to query submission info and files from Security Detonation Chamber | add | 2021-03-01 15:42:30
Role |
| 230815da-be43-4aae-9cb4-875f7bd000aa | Cosmos DB Operator | Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings. | change | 2021-02-26 14:41:31
NotActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2021-02-15 15:24:20
Actions |
| 1e241071-0855-49ea-94dc-649edcd759de | EventGrid Contributor | Lets you manage EventGrid operations. | change | 2021-02-11 14:23:07
Actions |
| 1e241071-0855-49ea-94dc-649edcd759de | EventGrid Contributor | Lets you manage EventGrid operations. | add | 2021-02-09 14:46:34
Role |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | change | 2021-02-09 14:46:34
DataActions |
| d63b75f7-47ea-4f27-92ac-e0d173aaf093 | Autonomous Development Platform Data Reader (Preview) | Grants read access to Autonomous Development Platform data. | change | 2021-02-09 14:46:34
DataActions |
| 27f8b550-c507-4db9-86f2-f4b8e816d59d | Autonomous Development Platform Data Owner (Preview) | Grants full access to Autonomous Development Platform data. | change | 2021-02-09 14:46:34
DataActions |
| 7a6f0e70-c033-4fb1-828c-08514e5f4102 | Collaborative Runtime Operator | Can manage resources created by AICS at runtime | change | 2021-02-08 14:18:19
Actions |
| 0e5f05e5-9ab9-446b-b98d-1e2157c94125 | Quota Request Operator Role | Role to read and create Quota Requests and get Quota Request Status. | change | 2021-02-05 15:19:18
Actions |
| ba92f5b4-2d11-453d-a403-e96b0029c9fe | Storage Blob Data Contributor | Allows for read, write and delete access to Azure Storage blob containers and data | change | 2021-02-04 14:17:50
DataActions |
| 0e5f05e5-9ab9-446b-b98d-1e2157c94125 | Quota Request Operator Role | Role to read and create Quota Requests and get Quota Request Status. | add | 2021-02-03 15:09:04
Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | change | 2021-02-03 15:09:04
DataActions |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | change | 2021-01-29 15:07:15
DataActions |
| f4c81013-99ee-4d62-a7ee-b3f1f648599a | Azure Sentinel Automation Contributor | Azure Sentinel Automation Contributor | change | 2021-01-26 16:07:29
Actions |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | change | 2021-01-25 16:07:06
DataActions |
| a37b566d-3efa-4beb-a2f2-698963fa42ce | Security Detonation Chamber Submission Manager | Allowed to create and manage submissions to Security Detonation Chamber | change | 2021-01-25 16:07:06
DataActions |
| a1705bd2-3a8f-45a5-8683-466fcfd5cc24 | FHIR Data Converter | Role allows user or principal to convert data from legacy format to FHIR | add | 2021-01-25 16:07:06
Role |
| f4c81013-99ee-4d62-a7ee-b3f1f648599a | Azure Sentinel Automation Contributor | Azure Sentinel Automation Contributor | add | 2021-01-25 16:07:06
Role |
| 974c5e8b-45b9-4653-ba55-5f855dd0fb88 | Storage Queue Data Contributor | Allows for read, write, and delete access to Azure Storage queues and queue messages | change | 2021-01-25 16:07:06
DataActions |
| 352470b3-6a9c-4686-b503-35deb827e500 | Security Detonation Chamber Publisher | Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber | change | 2021-01-25 16:07:06
DataActions |
| 5432c526-bc82-444a-b7ba-57c5b0b5b34f | CosmosRestoreOperator | Can perform restore action for Cosmos DB database account | add | 2021-01-22 09:15:20
Role |
| ae349356-3a1b-4a5e-921d-050484c6347e | Application Insights Component Contributor | Can manage Application Insights components | change | 2021-01-20 16:06:17
Actions |
| 00c29273-979b-4161-815c-10b084fb9324 | Backup Operator | Lets you manage backup services, except removal of backup, vault creation and giving access to others | change | 2021-01-19 16:07:23
Actions |
| 7a6f0e70-c033-4fb1-828c-08514e5f4102 | Collaborative Runtime Operator | Can manage resources created by AICS at runtime | add | 2021-01-19 16:07:23
Role |
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | change | 2021-01-18 16:05:49
Actions |
| a37b566d-3efa-4beb-a2f2-698963fa42ce | Security Detonation Chamber Submission Manager | Allowed to create and manage submissions to Security Detonation Chamber | add | 2021-01-18 16:05:49
Role |
| 352470b3-6a9c-4686-b503-35deb827e500 | Security Detonation Chamber Publisher | Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber | add | 2021-01-18 16:05:49
Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | change | 2021-01-18 16:05:49
Actions |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Reader | Experimentation Reader | change | 2021-01-12 16:06:58
Actions |
| 5548b2cf-c94c-4228-90ba-30851930a12f | Microsoft.Kubernetes connected cluster role | Microsoft.Kubernetes connected cluster role. | add | 2021-01-08 16:05:47
Role |
| 7efff54f-a5b4-42b5-a1c5-5411624893ce | Disk Snapshot Contributor | Provides permission to backup vault to manage disk snapshots. | change | 2021-01-06 16:06:44
Actions |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to upload and manage new Autonomous Development Platform measurements. | change | 2021-01-05 16:06:49
Description, DataActions, NotDataActions |
| 39bc4728-0917-49c7-9d2c-d95423bc2eb4 | Security Reader | Security Reader Role | change | 2021-01-04 16:05:39
Actions |
| 3e5e47e6-65f7-47ef-90b5-e5dd4d455f24 | Disk Backup Reader | Provides permission to backup vault to perform disk backup. | change | 2020-12-18 16:05:51
Actions |
| b50d9833-a0cb-478e-945f-707fcc997c13 | Disk Restore Operator | Provides permission to backup vault to perform disk restore. | change | 2020-12-18 16:05:51
Actions |
| e147488a-f6f5-4113-8e2d-b22465e65bf6 | Key Vault Crypto Service Encryption User (preview) | Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model. | change | 2020-12-18 16:05:51
DisplayName, Actions |
| 7efff54f-a5b4-42b5-a1c5-5411624893ce | Disk Snapshot Contributor | Provides permission to backup vault to manage disk snapshots. | change | 2020-12-18 16:05:51
Actions |
| d63b75f7-47ea-4f27-92ac-e0d173aaf093 | Autonomous Development Platform Data Reader (Preview) | Grants read access to Autonomous Development Platform data. | add | 2020-12-15 16:36:19
Role |
| 27f8b550-c507-4db9-86f2-f4b8e816d59d | Autonomous Development Platform Data Owner (Preview) | Grants full access to Autonomous Development Platform data. | add | 2020-12-15 16:36:19
Role |
| 3e5e47e6-65f7-47ef-90b5-e5dd4d455f24 | Disk Backup Reader | Provides permission to backup vault to perform disk backup. | add | 2020-12-15 16:36:19
Role |
| 7efff54f-a5b4-42b5-a1c5-5411624893ce | Disk Snapshot Contributor | Provides permission to backup vault to manage disk snapshots. | add | 2020-12-15 16:36:19
Role |
| b8b15564-4fa6-4a59-ab12-03e1d9594795 | Autonomous Development Platform Data Contributor (Preview) | Grants permissions to manage Autonomous Development Platform data entities, but does not allow accessing the underlying data. Note that entity deletion is not permitted by this role. | add | 2020-12-15 16:36:19
Role |
| b50d9833-a0cb-478e-945f-707fcc997c13 | Disk Restore Operator | Provides permission to backup vault to perform disk restore. | add | 2020-12-15 16:36:19
Role |
| 0fa44ee9-7a7d-466b-9bb2-2bf446b1204d | Desktop Virtualization Workspace Reader | Reader of the Desktop Virtualization Workspace. | add | 2020-12-14 15:13:28
Role |
| aebf23d0-b568-4e86-b8f9-fe83a2c6ab55 | Desktop Virtualization Application Group Reader | Reader of the Desktop Virtualization Application Group. | add | 2020-12-14 15:13:28
Role |
| 2ad6aaab-ead9-4eaa-8ac5-da422f562408 | Desktop Virtualization Session Host Operator | Operator of the Desktop Virtualization Session Host. | add | 2020-12-14 15:13:28
Role |
| 86240b0e-9422-4c43-887b-b61143f32ba8 | Desktop Virtualization Application Group Contributor | Contributor of the Desktop Virtualization Application Group. | add | 2020-12-14 15:13:28
Role |
| ceadfde2-b300-400a-ab7b-6143895aa822 | Desktop Virtualization Host Pool Reader | Reader of the Desktop Virtualization Host Pool. | add | 2020-12-14 15:13:28
Role |
| 49a72310-ab8d-41df-bbb0-79b649203868 | Desktop Virtualization Reader | Reader of Desktop Virtualization. | add | 2020-12-14 15:13:28
Role |
| c7aa55d3-1abb-444a-a5ca-5e51e485d6ec | Integration Service Environment Developer | Allows developers to create and update workflows, integration accounts and API connections in integration service environments. | change | 2020-12-14 15:13:28
Actions |
| ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6 | Desktop Virtualization User Session Operator | Operator of the Desktop Virtualization Uesr Session. | add | 2020-12-14 15:13:28
Role |
| e307426c-f9b6-4e81-87de-d99efb3c32bc | Desktop Virtualization Host Pool Contributor | Contributor of the Desktop Virtualization Host Pool. | add | 2020-12-14 15:13:28
Role |
| 21efdde3-836f-432b-bf3d-3e8e734d4b2b | Desktop Virtualization Workspace Contributor | Contributor of the Desktop Virtualization Workspace. | add | 2020-12-14 15:13:28
Role |
| 082f0a83-3be5-4ba1-904c-961cca79b387 | Desktop Virtualization Contributor | Contributor of Desktop Virtualization. | add | 2020-12-14 15:13:28
Role |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2020-12-10 15:11:36
Actions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | change | 2020-12-08 15:44:03
Actions |
| 434105ed-43f6-45c7-a02f-909b2ba83430 | Cost Management Contributor | Can view costs and manage cost configuration (e.g. budgets, exports) | change | 2020-12-08 15:44:03
Actions |
| 72fafb9e-0641-4937-9268-a91bfd8191a3 | Cost Management Reader | Can view cost data and configuration (e.g. budgets, exports) | change | 2020-12-08 15:44:03
Actions |
| ca6382a4-1721-4bcf-a114-ff0c70227b6b | Application Group Contributor | Contributor of the Application Group. | change | 2020-12-07 15:13:35
Actions |
| ca6382a4-1721-4bcf-a114-ff0c70227b6b | Application Group Contributor | Contributor of the Application Group. | add | 2020-12-04 15:12:58
Role |
| dd920d6d-f481-47f1-b461-f338c46b2d9f | Marketplace Admin | Administrator of marketplace resource provider | remove | 2020-11-28 17:50:16
Role |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | change | 2020-11-24 15:34:53
DataActions |
| c8d896ba-346d-4f50-bc1d-7d1c84130446 | Project Babylon Data Reader | The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change. | change | 2020-11-23 14:37:57
DisplayName, Description, Actions |
| 05b7651b-dc44-475e-b74d-df3db49fae0f | Project Babylon Data Source Administrator | The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change. | change | 2020-11-23 14:37:57
DisplayName, Description, Actions |
| 9ef4ef9c-a049-46b0-82ab-dd8ac094c889 | Project Babylon Data Curator | The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change. | change | 2020-11-23 14:37:57
DisplayName, Description, Actions |
| 200bba9e-f0c8-430f-892b-6f0794863803 | Purview Data Source Administrator Role Preview | The Microsoft.Purview data source administrator can manage data sources and data scans | change | 2020-11-19 14:28:56
Actions |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor Role | Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account. | change | 2020-11-19 14:28:56
Actions |
| 8a3c2885-9b38-4fd2-9d99-91af537c1347 | Purview Data Curator Role Preview | The Microsoft.Purview data curator can create, read, modify and delete catalog data objects and establish relationships between objects | change | 2020-11-19 14:28:56
Actions |
| ff100721-1b9d-43d8-af52-42b69c1272db | Purview Data Reader Role Preview | The Microsoft.Purview data reader can read catalog data objects | change | 2020-11-19 14:28:56
Actions |
| 749f88d5-cbae-40b8-bcfc-e573ddc772fa | Monitoring Contributor | Can read all monitoring data and update monitoring settings. | change | 2020-11-18 18:53:03
Actions |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | remove | 2020-11-18 18:53:03
Role |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor | Allows for creation, writes and reads to the metric set via the metrics service APIs. | change | 2020-11-18 18:53:03
DisplayName, DataActions |
| 05b7651b-dc44-475e-b74d-df3db49fae0f | Project Babylon Data Source Administrator Role Preview | The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans | add | 2020-11-16 13:39:23
Role |
| 9ef4ef9c-a049-46b0-82ab-dd8ac094c889 | Project Babylon Data Curator Role Preview | The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects | add | 2020-11-16 13:39:23
Role |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor Role | Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account. | change | 2020-11-16 13:39:23
Actions |
| ff100721-1b9d-43d8-af52-42b69c1272db | Purview Data Reader Role Preview | The Microsoft.Purview data reader can read catalog data objects | add | 2020-11-16 13:39:23
Role |
| 8a3c2885-9b38-4fd2-9d99-91af537c1347 | Purview Data Curator Role Preview | The Microsoft.Purview data curator can create, read, modify and delete catalog data objects and establish relationships between objects | add | 2020-11-16 13:39:23
Role |
| c8d896ba-346d-4f50-bc1d-7d1c84130446 | Project Babylon Data Reader Role Preview | The Microsoft.ProjectBabylon data reader can read catalog data objects | add | 2020-11-16 13:39:23
Role |
| 200bba9e-f0c8-430f-892b-6f0794863803 | Purview Data Source Administrator Role Preview | The Microsoft.Purview data source administrator can manage data sources and data scans | add | 2020-11-16 13:39:23
Role |
| e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 | Storage Account Backup Contributor Role | Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account. | add | 2020-11-13 14:22:44
Role |
| 6188b7c9-7d01-4f99-a59f-c88b630326c0 | Metric Contributor Service Role | Allows for creation, writes and reads to the metric set via the metrics service APIs. | add | 2020-11-12 14:32:48
Role |
| b24988ac-6180-42a0-ab88-20f7382dd24c | Contributor | Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC. | change | 2020-11-11 15:02:47
NotActions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | change | 2020-11-09 14:42:02
NotActions |
| 8d289c81-5878-46d4-8554-54e1e3d8b5cb | Azure Sentinel Reader | Azure Sentinel Reader | change | 2020-11-04 15:39:11
Actions |
| ab8e14d6-4a74-4a29-9ba8-549422addade | Azure Sentinel Contributor | Azure Sentinel Contributor | change | 2020-11-04 15:39:11
Actions |
| 3e150937-b8fe-4cfb-8069-0eaf05ecd056 | Azure Sentinel Responder | Azure Sentinel Responder | change | 2020-11-04 15:39:11
Actions |
| dffb1e0c-446f-4dde-a09f-99eb5cc68b96 | Azure Arc Kubernetes Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | change | 2020-11-03 14:38:31
DataActions, NotDataActions |
| 5b999177-9696-4545-85c7-50de3797e5a1 | Azure Arc Kubernetes Writer | Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings. | change | 2020-11-03 14:38:31
DataActions, NotDataActions |
| 63f0a09d-1495-4db4-a681-037d84835eb4 | Azure Arc Kubernetes Viewer | Lets you view all resources in cluster/namespace, except secrets. | change | 2020-11-03 14:38:31
DataActions, NotDataActions |
| 635dd51f-9968-44d3-b7fb-6d9a6bd613ae | AzureML Metrics Writer (preview) | Lets you write metrics to AzureML workspace | add | 2020-10-29 15:20:50
Role |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | change | 2020-10-28 15:04:35
Actions |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | change | 2020-10-27 14:13:08
NotDataActions |
| f7b75c60-3036-4b75-91c3-6b41c27c1689 | Reservation Purchaser | Lets you purchase reservations | add | 2020-10-26 14:19:04
Role |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server (Preview) | Lets your app server access SignalR Service with AAD auth options. | change | 2020-10-23 13:31:33
DataActions |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | change | 2020-10-23 13:31:33
DataActions |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. | change | 2020-10-23 13:31:33
Description, Actions, DataActions, NotDataActions |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR Serverless Contributor (Preview) | Lets your app access service in serverless mode with AAD auth options. | change | 2020-10-23 13:31:33
Description, DataActions |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | change | 2020-10-23 13:31:33
Description, Actions, DataActions, NotDataActions |
| 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec | SQL DB Contributor | Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers. | change | 2020-10-20 13:29:34
NotActions |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | add | 2020-10-20 13:29:34
Role |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | change | 2020-10-20 13:29:34
Actions |
| 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 | SQL Server Contributor | Lets you manage SQL servers and databases, but not access to them, and not their security -related policies. | change | 2020-10-20 13:29:34
NotActions |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | add | 2020-10-19 15:27:07
Role |
| ddde6b66-c0df-4114-a159-3618637b3035 | SignalR Service Reader (Preview) | Read-only access to Azure SignalR Service REST APIs | add | 2020-10-13 13:23:37
Role |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | add | 2020-10-13 13:23:37
Role |
| 82200a5b-e217-47a5-b665-6d8765ee745b | Services Hub Operator | Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors. | change | 2020-10-07 08:52:18
Actions |
| 4fe6d683-8411-4247-8525-b6b5b8a80669 | Microsoft.ScVmm service role | Microsoft.ScVmm service role. | remove | 2020-09-23 13:42:44
Role |
| 18500a29-7fe2-46b2-a342-b16a415e101d | Managed HSM contributor | Lets you manage managed HSM pools, but not access to them. | add | 2020-09-17 14:31:34
Role |
| 4fe6d683-8411-4247-8525-b6b5b8a80669 | Microsoft.ScVmm service role | Microsoft.ScVmm service role. | add | 2020-09-14 13:55:19
Role |
| 5dffeca3-4936-4216-b2bc-10343a5abb25 | Schema Registry Contributor (Preview) | Read, write, and delete Schema Registry groups and schemas. | add | 2020-09-14 13:55:19
Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | add | 2020-09-14 13:55:19
Role |
| 7ec7ccdc-f61e-41fe-9aaf-980df0a44eba | AgFood Platform Service Reader | Provides read access to AgFood Platform Service | add | 2020-09-14 13:55:19
Role |
| f8da80de-1ff9-4747-ad80-a19b7f6079e3 | AgFood Platform Service Admin | Provides admin access to AgFood Platform Service | add | 2020-09-14 13:55:19
Role |
| 2c56ea50-c6b3-40a6-83c0-9d98858bc7d2 | Schema Registry Reader (Preview) | Read and list Schema Registry groups and schemas. | add | 2020-09-14 13:55:19
Role |
| cb43c632-a144-4ec5-977c-e80c4affc34a | Cognitive Services Metrics Advisor Administrator | Full access to the project, including the system level configuration. | add | 2020-09-10 14:55:48
Role |
| 3b20f47b-3825-43cb-8114-4bd2201156a8 | Cognitive Services Metrics Advisor User | Access to the project. | add | 2020-09-10 14:55:48
Role |
| 49e2f5d2-7741-4835-8efa-19e1fe35e47f | Device Update Deployments Reader | Gives you read access to management operations, but does not allow making changes | add | 2020-08-23 16:02:03
Role |
| 02ca0879-e8e4-47a5-a61e-5c618b76e64a | Device Update Administrator | Gives you full access to management and content operations | add | 2020-08-23 16:02:03
Role |
| e4237640-0e3d-4a46-8fda-70bc94856432 | Device Update Deployments Administrator | Gives you full access to management operations | add | 2020-08-23 16:02:03
Role |
| 0378884a-3af5-44ab-8323-f5b22f9f3c98 | Device Update Content Administrator | Gives you full access to content operations | add | 2020-08-23 16:02:03
Role |
| d1ee9a80-8b14-47f0-bdc2-f4a351625a7b | Device Update Content Reader | Gives you read access to content operations, but does not allow making changes | add | 2020-08-23 16:02:03
Role |
| e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f | Device Update Reader | Gives you read access to management and content operations, but does not allow making changes | add | 2020-08-23 16:02:03
Role |
| daa9e50b-21df-454c-94a6-a8050adab352 | Collaborative Data Contributor | Can manage data packages of a collaborative. | add | 2020-08-14 14:27:30
Role |
| 00493d72-78f6-4148-b6c5-d3ce8e4799dd | Azure Arc Enabled Kubernetes Cluster User Role | List cluster user credentials action. | add | 2020-07-29 13:49:09
Role |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR Serverless Contributor (Preview) | Lets your app access service in serverless mode. | add | 2020-07-29 13:49:09
Role |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server (Preview) | Lets your app server access SignalR Service with AAD Auth options. | add | 2020-07-29 13:49:09
Role |
| d18777c0-1514-4662-8490-608db7d334b6 | Object Understanding Account Reader | Lets you read ingestion jobs for an object understanding account. | add | 2020-07-24 14:41:55
Role |
| 82200a5b-e217-47a5-b665-6d8765ee745b | Services Hub Operator | Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors. | add | 2020-07-21 19:48:17
Role |
| 3498e952-d568-435e-9b2c-8d77e338d7f7 | Azure Kubernetes Service RBAC Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | add | 2020-07-03 14:58:03
Role |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings. | add | 2020-07-03 14:58:03
Role |
| b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b | Azure Kubernetes Service RBAC Cluster Admin | Lets you manage all resources in the cluster. | add | 2020-07-03 14:58:03
Role |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Lets you view all resources in cluster/namespace, except secrets. | add | 2020-07-03 14:58:03
Role |
| 5b999177-9696-4545-85c7-50de3797e5a1 | Azure Arc Kubernetes Writer | Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings. | add | 2020-06-15 15:35:59
Role |
| 8393591c-06b9-48a2-a542-1bd6b377f6a2 | Azure Arc Kubernetes Cluster Admin | Lets you manage all resources in the cluster. | add | 2020-06-15 15:35:59
Role |
| dffb1e0c-446f-4dde-a09f-99eb5cc68b96 | Azure Arc Kubernetes Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | add | 2020-06-15 15:35:59
Role |
| 63f0a09d-1495-4db4-a681-037d84835eb4 | Azure Arc Kubernetes Viewer | Lets you view all resources in cluster/namespace, except secrets. | add | 2020-06-15 15:35:59
Role |
| e147488a-f6f5-4113-8e2d-b22465e65bf6 | Key Vault Crypto Service Encryption (preview) | Can read metadata of keys and perform wrap/unwrap operations. | add | 2020-05-21 16:07:05
Role |
| 4633458b-17de-408a-b874-0445c86b69e6 | Key Vault Secrets User (preview) | Can read secret contents. | add | 2020-05-19 20:42:36
Role |
| a4417e6f-fecd-4de8-b567-7b0420556985 | Key Vault Certificates Officer (preview) | Can perform any action on the certificates of a key vault, except manage permissions. | add | 2020-05-19 20:42:36
Role |
| 14b46e9e-c2b7-41b4-b07b-48a6ebf60603 | Key Vault Crypto Officer (preview) | Can perform any action on the keys of a key vault, except manage permissions. | add | 2020-05-19 20:42:36
Role |
| 00482a5a-887f-4fb3-b363-3b7fe8e74483 | Key Vault Administrator (preview) | Can perform any action on certificates, keys and secrets of a key vault, except manage permissions. | add | 2020-05-19 20:42:36
Role |
| b86a8fe4-44ce-4948-aee5-eccb2c155cd7 | Key Vault Secrets Officer (preview) | Can perform any action on the secrets of a key vault, except manage permissions. | add | 2020-05-19 20:42:36
Role |
| 12338af0-0e69-4776-bea7-57ae8d297424 | Key Vault Crypto User (preview) | Can perform cryptographic operations on keys and certificates. | add | 2020-05-19 20:42:36
Role |
| 21090545-7ca7-4776-b22c-e363652d74d2 | Key Vault Reader (preview) | Can read metadata of key vaults and its certificates, keys and secrets. Cannot read sensitive values such as secret contents or key material. | add | 2020-05-19 20:42:36
Role |
| 93586559-c37d-4a6b-ba08-b9f0940c2d73 | Cognitive Services Custom Vision Reader | Read-only actions in the project. Readers can't create or update the project. | add | 2020-05-09 14:57:51
Role |
| 88424f51-ebe7-446f-bc41-7fa16989e96c | Cognitive Services Custom Vision Labeler | View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can't update anything other than training images and tags. | add | 2020-05-09 14:57:51
Role |
| 0a5ae4ab-0d65-4eeb-be61-29fc9b54394b | Cognitive Services Custom Vision Trainer | View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can't create or delete the project. | add | 2020-05-09 14:57:51
Role |
| c1ff6cc2-c111-46fe-8896-e0ef812ad9f3 | Cognitive Services Custom Vision Contributor | Full access to the project, including the ability to view, create, edit, or delete projects. | add | 2020-05-09 14:57:51
Role |
| 5c4089e1-6d96-4d2f-b296-c1bc7137275f | Cognitive Services Custom Vision Deployment | Publish, unpublish or export models. Deployment can view the project but can't update. | add | 2020-05-09 14:57:51
Role |
| 8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204 | Azure Maps Data Contributor | Grants access to read, write, and delete access to map related data from an Azure maps account. | add | 2020-05-08 05:22:07
Role |
| 466ccd10-b268-4a11-b098-b4849f024126 | Cognitive Services QnA Maker Reader | Let's you read and test a KB only. | change | 2020-05-04 15:11:45
DisplayName |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | Cognitive Services QnA Maker Editor | Let's you create, edit, import and export a KB. You cannot publish or delete a KB. | change | 2020-05-04 15:11:45
DisplayName |
| 423170ca-a8f6-4b0f-8487-9e4eb8f49bfa | Azure Maps Data Reader | Grants access to read map related data from an Azure maps account. | change | 2020-04-29 16:42:26
DisplayName |
| aefefa01-2a29-4197-83a8-2828f33ce315 | Tenant registration role | Service role used by RP's for tenant level registration | remove | 2020-04-24 19:20:22
Role |
| ed4b1625-bac7-4b49-8578-127fc3440d25 | Experiment Administrator | Experiment Administrator | remove | 2020-04-23 15:06:19
Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Reader | Experimentation Reader | change | 2020-04-23 15:06:19
DisplayName |
| aefefa01-2a29-4197-83a8-2828f33ce315 | Tenant registration role | Service role used by RP's for tenant level registration | add | 2020-04-23 15:06:19
Role |
| 70ea1423-466c-4e7b-a2ee-f1206ef2072d | Experiment Contributor | Experiment Contributor | remove | 2020-04-23 15:06:19
Role |
| 4dd61c23-6743-42fe-a388-d8bdd41cb745 | Object Understanding Account Owner | Provides user with ingestion capabilities for Azure Object Understanding. | add | 2020-04-23 15:06:19
Role |
| b879ac78-f1e6-448d-ab4c-5908cd5967c1 | VSOnline Virtual Network Service Role | This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network | remove | 2020-03-28 01:22:25
Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experiment Operator | Experiment Operator | change | 2020-03-28 01:22:25
DisplayName |
| 70ea1423-466c-4e7b-a2ee-f1206ef2072d | Experiment Contributor | Experiment Contributor | add | 2020-03-26 18:26:05
Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Operator | Experiment Operator | add | 2020-03-26 18:26:05
Role |
| ed4b1625-bac7-4b49-8578-127fc3440d25 | Experiment Administrator | Experiment Administrator | add | 2020-03-26 18:26:05
Role |
| 3f88fce4-5892-4214-ae73-ba5294559913 | FHIR Data Writer | Role allows user or principal to read and write FHIR Data | add | 2020-03-18 07:39:13
Role |
| 3db33094-8700-4567-8da5-1501d4e7e843 | FHIR Data Exporter | Role allows user or principal to read FHIR Data | add | 2020-03-18 07:39:13
Role |
| 5a1fc7df-4bf1-4951-a576-89034ee01acd | FHIR Data Contributor | Role allows user or principal full access to FHIR Data | add | 2020-03-18 07:39:13
Role |
| 4c8d0bbc-75d3-4935-991f-5f3c56d81508 | FHIR Data Reader | Role allows user or principal to read FHIR Data | add | 2020-03-18 07:39:13
Role |
| b879ac78-f1e6-448d-ab4c-5908cd5967c1 | VSOnline Virtual Network Service Role | This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network | add | 2020-03-14 15:10:08
Role |
| 350f8d15-c687-4448-8ae1-157740a3936d | Hierarchy Settings Administrator | Allows users to edit and delete Hierarchy Settings | add | 2020-03-14 15:10:08
Role |
| bcd981a7-7f74-457b-83e1-cceb9e632ffe | Azure Digital Twins Owner (Preview) | Full access role for Digital Twins data-plane | add | 2020-03-11 05:47:56
Role |
| d57506d4-4c8d-48b1-8587-93c323f6a5a3 | Azure Digital Twins Reader (Preview) | Read-only role for Digital Twins data-plane properties | add | 2020-03-11 05:47:56
Role |
| ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8 | Azure Kubernetes Service Contributor Role | Grants access to read and write Azure Kubernetes Service clusters | add | 2020-02-28 09:58:27
Role |
| dd920d6d-f481-47f1-b461-f338c46b2d9f | Marketplace Admin | Administrator of marketplace resource provider | add | 2020-02-27 09:26:20
Role |
| c7aa55d3-1abb-444a-a5ca-5e51e485d6ec | Integration Service Environment Developer | Allows developers to create and update workflows, integration accounts and API connections in integration service environments. | add | 2020-02-21 00:11:51
Role |
| a41e2c5b-bd99-4a07-88f4-9bf657a760b8 | Integration Service Environment Contributor | Lets you manage integration service environments, but not access to them. | add | 2020-02-21 00:11:51
Role |
| 4a9ae827-6dc8-4573-8ac7-8239d42aa03f | Tag Contributor | Lets you manage tags on entities, without providing access to the entities themselves. | add | 2020-02-19 09:00:33
Role |
| 612c2aa1-cb24-443b-ac28-3ab7272de6f5 | Security Assessment Contributor | Lets you push assessments to Security Center | add | 2020-02-13 13:58:05
Role |
| 34e09817-6cbe-4d01-b1a2-e0eac5743d41 | Kubernetes Cluster - Azure Arc Onboarding | Role definition to authorize any user/service to create connectedClusters resource | change | 2020-02-11 08:11:18
DisplayName |
| 641177b8-a67a-45b9-a033-47bc880bb21e | Managed Application Contributor Role | Allows for creating managed application resources. | add | 2020-02-08 03:50:49
Role |
| 0b072326-6884-49b7-a53d-ae6aa62260ff | MLC Service Role | This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service. | remove | 2020-01-30 21:07:35
Role |
| 3df8b902-2a6f-47c7-8cc5-360e9b272a7e | Remote Rendering Administrator | Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering | add | 2020-01-24 05:21:10
Role |
| d39065c4-c120-43c9-ab0a-63eed9795f0a | Remote Rendering Client | Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering. | add | 2020-01-24 05:21:10
Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | add | 2019-12-19 07:49:46
Role |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | QnA Maker Editor | add | 2019-12-18 15:43:34
Role |
|
| 466ccd10-b268-4a11-b098-b4849f024126 | QnA Maker Reader | add | 2019-12-18 15:43:34
Role |
|
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | add | 2019-12-17 15:43:46
Role |
| 34e09817-6cbe-4d01-b1a2-e0eac5743d41 | Kubernetes Cluster - Azure Arc Onborading | Role definition to authorize any user/service to create connectedClusters resource | change | 2019-12-13 11:23:49
DisplayName |
| 0b072326-6884-49b7-a53d-ae6aa62260ff | MLC Service Role | This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service. | add | 2019-11-26 15:41:35
Role |
| 36243c78-bf99-498c-9df9-86d9f8d28608 | Resource Policy Contributor | Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy. | change | 2019-11-20 21:32:41
DisplayName |
| 5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b | App Configuration Data Owner | Allows full access to App Configuration data. | add | 2019-10-26 02:15:31
Role |
| 516239f1-63e1-4d78-a4de-a74fb236a071 | App Configuration Data Reader | Allows read access to App Configuration data. | add | 2019-10-26 02:15:31
Role |
| 91c1777a-f3dc-4fae-b103-61d183457e46 | Managed Services Registration assignment Delete Role | Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant. | add | 2019-10-24 02:15:32
Role |
| b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 | Azure Connected Machine Onboarding | Can onboard Azure Connected Machines. | add | 2019-10-24 02:15:32
Role |
| 7f646f1b-fa07-40eb-a22b-edd6ce5c915c | Altretya test Service Role | Altretya test | remove | 2019-10-24 02:15:32
Role |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | add | 2019-10-24 02:15:32
Role |
| 7f646f1b-fa07-40eb-a22b-edd6ce5c915c | Altretya test Service Role | Altretya test | add | 2019-10-07 13:33:12
Role |