last sync: 2021-Oct-15 16:53:14 UTC

Changes on Azure RBAC Role definitions

Id DisplayName Description Details (UTC ymd) (i)
8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204 Azure Maps Data Contributor Grants access to read, write, and delete access to map related data from an Azure maps account.
2021-10-13 16:30:51
change DataActions
dba33070-676a-4fb0-87fa-064dc56ff7fb Azure Maps Contributor Grants access all Azure Maps resource management.
2021-10-04 15:27:18
add Role
6be48352-4f82-47c9-ad5e-0acacefdb005 Azure Maps Search and Render Data Reader Grants access to very limited set of data APIs for common visual web SDK scenarios. Specifically, render and search data APIs.
2021-10-04 15:27:18
add Role
9980e02c-c2be-4d73-94e8-173b1dc7cf3c Virtual Machine Contributor Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.
2021-10-01 15:34:12
change Actions
60fc6e62-5479-42d4-8bf4-67625fcc2840 Disk Pool Operator Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.
2021-09-14 15:45:54
add Role
fd53cd77-2268-407a-8f46-7e7863d0f521 SignalR REST API Owner Full access to Azure SignalR Service REST APIs
2021-09-13 16:35:21
change DisplayName, Description, DataActions
6ae96244-5829-4925-a7d3-5975537d91dd Azure VM Managed identities restore Contributor Azure VM Managed identities restore Contributors are allowed to perform Azure VM Restores with managed identities both user and system
2021-09-13 16:35:21
add Role
494ae006-db33-4328-bf46-533a6560a3ca Site Recovery Operator Lets you failover and failback but not perform other Site Recovery management operations
2021-09-10 15:51:14
change Actions
1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf Stream Analytics Query Tester Lets you perform query testing without creating a stream analytics job first
2021-09-08 15:40:07
change Actions
a06f5c24-21a7-4e1a-aa2b-f19eb6684f5b Azure Spring Cloud Config Server Contributor Allow read, write and delete access to Azure Spring Cloud Config Server
2021-09-06 17:54:17
add Role
dbaa88c4-0c30-4179-9fb3-46319faa6149 Site Recovery Reader Lets you view Site Recovery status but not perform other management operations
2021-09-02 16:18:17
change Actions
6670b86e-a3f7-4917-ac9b-5d6ab1be4567 Site Recovery Contributor Lets you manage Site Recovery service except vault creation and role assignment
2021-09-02 16:18:17
change Actions
1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf Stream Analytics Query Tester Lets you perform query testing without creating a stream analytics job first
2021-09-01 15:00:06
change Actions
f353d9bd-d4a6-484e-a77a-8050b599b867 Automation Contributor Manage azure automation resources and other resources using azure automation.
2021-09-01 15:00:06
change Actions
d04c6db6-4947-4782-9e91-30a88feb7be7 Azure Spring Cloud Config Server Reader Allow read access to Azure Spring Cloud Config Server
2021-08-26 16:23:33
add Role
cff1b556-2399-4e7e-856d-a8f754be7b65 Azure Spring Cloud Service Registry Reader Allow read access to Azure Spring Cloud Service Registry
2021-08-20 15:48:24
add Role
f5880b48-c26d-48be-b172-7927bfa1c8f1 Azure Spring Cloud Service Registry Contributor Allow read, write and delete access to Azure Spring Cloud Service Registry
2021-08-20 15:48:24
add Role
9980e02c-c2be-4d73-94e8-173b1dc7cf3c Virtual Machine Contributor Lets you manage virtual machines, but not access to them, and not the virtual network or storage account they're connected to.
2021-08-19 16:32:19
change Actions
2837e146-70d7-4cfd-ad55-7efa6464f958 CodeSigning Certificate Profile Signer Sign files with a certificate profile. This role is in preview and subject to change.
2021-08-17 16:31:35
add Role
a79a5197-3a5c-4973-a920-486035ffd60f Grafana Editor Built-in Grafana Editor role
2021-08-13 17:07:50
add Role
22926164-76b3-42b3-bc55-97df8dab3e41 Grafana Admin Built-in Grafana admin role
2021-08-13 17:07:50
add Role
60921a7e-fef1-4a43-9b16-a26c52ad4769 Grafana Viewer Built-in Grafana Viewer role
2021-08-13 17:07:50
add Role
fb1c8493-542b-48eb-b624-b4c8fea62acd Security Admin Security Admin Role
2021-08-12 19:47:01
change NotActions
39bc4728-0917-49c7-9d2c-d95423bc2eb4 Security Reader Security Reader Role
2021-08-12 19:47:01
change Actions
85cb6faf-e071-4c9b-8136-154b5a04f717 Kubernetes Extension Contributor Can create, update, get, list and delete Kubernetes Extensions, and get extension async operations
2021-08-11 15:29:45
add Role
dfce44e4-17b7-4bd1-a6d1-04996ec95633 Device Provisioning Service Data Contributor Allows for full access to Device Provisioning Service data-plane operations.
2021-08-09 22:29:09
add Role
10745317-c249-44a1-a5ce-3a4353c0bbd8 Device Provisioning Service Data Reader Allows for full read access to Device Provisioning Service data-plane properties.
2021-08-09 22:29:09
add Role
f353d9bd-d4a6-484e-a77a-8050b599b867 Automation Contributor Manage azure automation resources and other resources using azure automation.
2021-08-09 19:32:28
add Role
15e0f5a1-3450-4248-8e25-e2afe88a9e85 Test Base Reader Let you view and download packages and test results.
2021-08-06 15:06:08
change Actions
1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf Stream Analytics Query Tester Lets you perform query testing without creating a stream analytics job first
2021-08-06 15:06:08
change Actions
92aaf0da-9dab-42b6-94a3-d43ce8d16293 Log Analytics Contributor Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; adding solutions; and configuring Azure diagnostics on all Azure resources.
2021-08-06 15:06:08
change Description, Actions
8d289c81-5878-46d4-8554-54e1e3d8b5cb Azure Sentinel Reader Azure Sentinel Reader
2021-08-05 14:48:34
change Actions
ab8e14d6-4a74-4a29-9ba8-549422addade Azure Sentinel Contributor Azure Sentinel Contributor
2021-08-05 14:48:34
change Actions
3e150937-b8fe-4cfb-8069-0eaf05ecd056 Azure Sentinel Responder Azure Sentinel Responder
2021-08-05 14:48:34
change Actions
25fbc0a9-bd7c-42a3-aa1a-3b75d497ee68 Cognitive Services Contributor Lets you create, read, update, delete and manage keys of Cognitive Services.
2021-08-03 20:37:08
change Actions
1c0163c0-47e6-4577-8991-ea5c82e286e4 Virtual Machine Administrator Login View Virtual Machines in the portal and login as administrator
2021-08-02 15:58:24
change Actions, DataActions
fb879df8-f326-4884-b1cf-06f3ad86be52 Virtual Machine User Login View Virtual Machines in the portal and login as a regular user.
2021-08-02 15:58:24
change Actions, DataActions
f2dc8367-1007-4938-bd23-fe263f013447 Cognitive Services Speech User Access to the real-time speech recognition and batch transcription APIs, real-time speech synthesis and long audio APIs, as well as to read the data/test/model/endpoint for custom models, but can't create, delete or modify the data/test/model/endpoint for custom models.
2021-07-29 15:40:44
change Description, DataActions, NotDataActions
0e75ca1e-0464-4b4d-8b93-68208a576181 Cognitive Services Speech Contributor Full access to Speech projects, including read, write and delete all entities, for real-time speech recognition and batch transcription tasks, real-time speech synthesis and long audio tasks, custom speech and custom voice.
2021-07-29 15:40:44
change Description, DataActions
7e4f1700-ea5a-4f59-8f37-079cfe29dce3 SignalR Service Owner Full access to Azure SignalR Service REST APIs
2021-07-29 15:40:44
change DisplayName, DataActions
26e0b698-aa6d-4085-9386-aadae190014d Azure Relay Listener Allows for listen access to Azure Relay resources.
2021-07-21 16:02:28
add Role
2787bf04-f1f5-4bfe-8383-c8a24483ee38 Azure Relay Owner Allows for full access to Azure Relay resources.
2021-07-20 17:09:18
add Role
26baccc8-eea7-41f1-98f4-1762cc7f685d Azure Relay Sender Allows for send access to Azure Relay resources.
2021-07-20 17:09:18
add Role
8508508a-4469-4e45-963b-2518ee0bb728 AgFood Platform Service Contributor Provides contribute access to AgFood Platform Service
2021-07-19 14:20:08
change NotDataActions
3db33094-8700-4567-8da5-1501d4e7e843 FHIR Data Exporter Role allows user or principal to read and export FHIR Data
2021-07-19 14:20:08
change DataActions
e8113dce-c529-4d33-91fa-e9b972617508 Azure Connected SQL Server Onboarding Microsoft.AzureArcData service role to access the resources of Microsoft.AzureArcData stored with RPSAAS.
2021-07-19 14:20:08
add Role
f6c7c914-8db3-469d-8ca1-694a8f32e121 AzureML Data Scientist Can perform all actions within an Azure Machine Learning workspace, except for creating or deleting compute resources and modifying the workspace itself.
2021-07-15 16:24:54
add Role
60fc6e62-5479-42d4-8bf4-67625fcc2840 Disk Pool Operator Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.
2021-07-12 16:24:45
remove Role
39bc4728-0917-49c7-9d2c-d95423bc2eb4 Security Reader Security Reader Role
2021-07-12 16:24:45
change Actions
3f88fce4-5892-4214-ae73-ba5294559913 FHIR Data Writer Role allows user or principal to read and write FHIR Data
2021-07-09 14:39:01
change DataActions, NotDataActions
60fc6e62-5479-42d4-8bf4-67625fcc2840 Disk Pool Operator Used by the StoragePool Resource Provider to manage Disks added to a Disk Pool.
2021-07-09 14:39:01
add Role
4c8d0bbc-75d3-4935-991f-5f3c56d81508 FHIR Data Reader Role allows user or principal to read FHIR Data
2021-07-09 14:39:01
change DataActions
a1705bd2-3a8f-45a5-8683-466fcfd5cc24 FHIR Data Converter Role allows user or principal to convert data from legacy format to FHIR
2021-07-09 14:39:01
change DataActions
5a1fc7df-4bf1-4951-a576-89034ee01acd FHIR Data Contributor Role allows user or principal full access to FHIR Data
2021-07-09 14:39:01
change DataActions
fb1c8493-542b-48eb-b624-b4c8fea62acd Security Admin Security Admin Role
2021-07-08 14:19:50
change Actions
c8d4ff99-41c3-41a8-9f60-21dfdad59608 AcrQuarantineWriter acr quarantine data writer
2021-07-07 15:26:33
change DataActions
d5a91429-5739-47e2-a06b-3470a27159e7 EventGrid Data Sender Allows send access to event grid events.
2021-07-05 14:23:05
add Role
6cef56e8-d556-48e5-a04f-b8e64114680f AcrImageSigner acr image signer
2021-06-24 14:29:36
change DataActions
cdda3590-29a3-44f6-95f2-9f980659eb04 AcrQuarantineReader acr quarantine data reader
2021-06-24 14:29:36
change DataActions
e89c7a3c-2f64-4fa1-a847-3e4c9ba4283a DICOM Data Reader Read and search DICOM data.
2021-06-18 14:19:53
add Role
58a3b984-7adf-4c20-983a-32417c86fbc8 DICOM Data Owner Full access to DICOM data.
2021-06-18 14:19:53
add Role
0a9a7e1f-b9d0-4cc4-a60d-0319b160aaa3 Storage Table Data Contributor Allows for read, write and delete access to Azure Storage tables and entities
2021-06-15 14:06:27
add Role
76199698-9eea-4c19-bc75-cec21354c6b6 Storage Table Data Reader Allows for read access to Azure Storage tables and entities
2021-06-15 14:06:27
add Role
00c29273-979b-4161-815c-10b084fb9324 Backup Operator Lets you manage backup services, except removal of backup, vault creation and giving access to others
2021-06-14 13:58:52
change Actions
5e467623-bb1f-42f4-a55d-6e525e11384b Backup Contributor Lets you manage backup service,but can't create vaults and give access to others
2021-06-14 13:58:52
change Actions
a795c7a0-d4a2-40c1-ae25-d81f01202912 Backup Reader Can view backup services, but can't make changes
2021-06-10 15:19:34
change Actions
9b7fa17d-e63e-47b0-bb0a-15c516ac86ec SQL DB Contributor Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.
2021-06-10 15:19:34
change NotActions
cd570a14-e51a-42ad-bac8-bafd67325302 Azure Connected Machine Resource Administrator Can read, write, delete and re-onboard Azure Connected Machines.
2021-06-09 16:50:31
change Actions
8ebe5a00-799e-43f5-93ac-243d3dce84a7 Search Index Data Contributor Grants full access to Azure Cognitive Search index data.
2021-06-02 22:45:24
add Role
1407120a-92aa-4202-b7e9-c0e197c71c8f Search Index Data Reader Grants read access to Azure Cognitive Search index data.
2021-06-02 22:45:24
add Role
a795c7a0-d4a2-40c1-ae25-d81f01202912 Backup Reader Can view backup services, but can't make changes
2021-05-25 14:52:54
change Actions
a37b566d-3efa-4beb-a2f2-698963fa42ce Security Detonation Chamber Submission Manager Allowed to create and manage submissions to Security Detonation Chamber
2021-05-24 17:13:01
change DataActions
0b555d9b-b4a7-4f43-b330-627f0e5be8f0 Security Detonation Chamber Submitter Allowed to create submissions to Security Detonation Chamber
2021-05-24 17:13:01
change DataActions
15e0f5a1-3450-4248-8e25-e2afe88a9e85 Test Base Reader Let you view and download packages and test results.
2021-05-12 14:41:18
add Role
99dba123-b5fe-44d5-874c-ced7199a5804 Media Services Streaming Endpoints Administrator Create, read, modify and delete Streaming Endpoints; read-only access to other Media Services resources.
2021-05-07 14:29:30
add Role
532bc159-b25e-42c0-969e-a1d439f60d77 Media Services Live Events Administrator Create, read and modify Live Events, Assets, Asset Filters and Streaming Locators; read-only access to other Media Services resources.
2021-05-07 14:29:30
add Role
c4bba371-dacd-4a26-b320-7250bca963ae Media Services Policy Administrator Create, read, modify, and delete Account Filters, Streaming Policies, Content Key Policies and Transforms; read-only access to other Media Services resources. Cannot create Jobs, Assets or Streaming resources.
2021-05-07 14:29:30
add Role
e4395492-1534-4db2-bedf-88c14621589c Media Services Media Operator Create, read, modify, and delete of Assets, Asset Filters, Streaming Locators and Jobs; read-only access to other Media Services resources.
2021-05-07 14:29:30
add Role
054126f8-9a2b-4f1c-a9ad-eca461f08466 Media Services Account Administrator Create, read, modify and delete Media Services accounts; read-only access to other Media Services resources.
2021-05-03 14:09:38
add Role
cd570a14-e51a-42ad-bac8-bafd67325302 Azure Connected Machine Resource Administrator Can read, write, delete and re-onboard Azure Connected Machines.
2021-04-29 16:55:26
change Actions
1ec5b3c1-b17e-4e25-8312-2acb3c3c5abf Stream Analytics Query Tester Lets you perform query testing without creating a stream analytics job first
2021-04-27 15:39:18
add Role
7a6f0e70-c033-4fb1-828c-08514e5f4102 Collaborative Runtime Operator Can manage resources created by AICS at runtime
2021-04-26 14:08:50
change Actions
494bdba2-168f-4f31-a0a1-191d2f7c028c Azure Iot?Hubs?Twin?Contributor Allows for read and write access to all Azure IoT Hubs device and module twins.
2021-04-23 13:42:10
add Role
4fc6c259-987e-4a07-842e-c321cc9d413f Azure Iot?Hubs?Data?Contributor Allows for full access to Azure IoT Hubs data plane operations.
2021-04-23 13:42:10
add Role
4ea46cd5-c1b2-4a8e-910b-273211f9ce47 Azure Iot Hubs Registry Contributor Allows for full access to Azure IoT Hubs device registry.
2021-04-23 13:42:10
add Role
b447c946-2db7-41ec-983d-d8bf3b1c77e3 Azure Iot Hubs Data Reader Allows for full read access to Azure Iot Hubs data-plane properties
2021-04-23 13:42:10
add Role
a2138dac-4907-4679-a376-736901ed8ad8 AnyBuild Builder Basic user role for AnyBuild. This role allows listing of agent information and execution of remote build capabilities.
2021-04-21 13:28:47
add Role
9894cab4-e18a-44aa-828b-cb588cd6f2d7 Cognitive Services Face Recognizer Lets you perform detect, verify, identify, group, and find similar operations on Face API. This role does not allow create or delete operations, which makes it well suited for endpoints that only need inferencing capabilities, following 'least privilege' best practices.
2021-03-31 14:35:06
add Role
0e75ca1e-0464-4b4d-8b93-68208a576181 Cognitive Services Speech Contributor This is a role that can read, write and delete all speech resources.
2021-03-30 13:51:32
add Role
f2dc8367-1007-4938-bd23-fe263f013447 Cognitive Services Speech User This is a role that can create, read, change and delete batch transcriptions, do real time transcriptions and list or get other speech resources.
2021-03-30 13:51:32
add Role
b5537268-8956-4941-a8f0-646150406f0c Azure Spring Cloud Data Reader Allow read access to Azure Spring Cloud Data
2021-03-25 15:40:30
add Role
12cf5a90-567b-43ae-8102-96cf46c7d9b4 Web PubSub Service Owner (Preview) Full access to Azure Web PubSub Service REST APIs
2021-03-24 14:32:47
add Role
b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 Azure Connected Machine Onboarding Can onboard Azure Connected Machines.
2021-03-24 14:32:47
change Actions
cd570a14-e51a-42ad-bac8-bafd67325302 Azure Connected Machine Resource Administrator Can read, write, delete and re-onboard Azure Connected Machines.
2021-03-24 14:32:47
change Actions
7e4f1700-ea5a-4f59-8f37-079cfe29dce3 SignalR Service Owner (Preview) Full access to Azure SignalR Service REST APIs
2021-03-24 14:32:47
change DataActions
bfb1c7d2-fb1a-466b-b2ba-aee63b92deaf Web PubSub Service Reader (Preview) Read-only access to Azure Web PubSub Service REST APIs
2021-03-24 14:32:47
add Role
daa9e50b-21df-454c-94a6-a8050adab352 Collaborative Data Contributor Can manage data packages of a collaborative.
2021-03-17 17:26:57
change Actions
d17ce0a2-0697-43bc-aac5-9113337ab61c WorkloadBuilder Migration Agent Role WorkloadBuilder Migration Agent Role.
2021-03-12 15:32:19
add Role
466ccd10-b268-4a11-b098-b4849f024126 Cognitive Services QnA Maker Reader Let's you read and test a KB only.
2021-03-11 15:16:45
change DataActions
f4cc2bf9-21be-47a1-bdf1-5c5804381025 Cognitive Services QnA Maker Editor Let's you create, edit, import and export a KB. You cannot publish or delete a KB.
2021-03-11 15:16:45
change DataActions
6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 SQL Server Contributor Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.
2021-03-09 14:37:39
change NotActions
056cd41c-7e88-42e1-933e-88ba6a50c9c3 SQL Security Manager Lets you manage the security-related policies of SQL servers and databases, but not access to them.
2021-03-09 14:37:39
change Actions
7f646f1b-fa08-80eb-a33b-edd6ce5c915c Experimentation Administrator Experimentation Administrator
2021-03-08 14:55:25
change Actions
352470b3-6a9c-4686-b503-35deb827e500 Security Detonation Chamber Publisher Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber
2021-03-08 14:55:25
change DataActions
7f646f1b-fa08-80eb-a22b-edd6ce5c915c Experimentation Contributor Experimentation Contributor
2021-03-08 14:55:25
change DataActions
6188b7c9-7d01-4f99-a59f-c88b630326c0 Experimentation Metric Contributor Allows for creation, writes and reads to the metric set via the metrics service APIs.
2021-03-08 14:55:25
change DisplayName, Actions, DataActions
ca0835dd-bacc-42dd-8ed2-ed5e7230d15b Object Anchors Account Owner Provides user with ingestion capabilities for an object anchors account.
2021-03-02 15:11:43
add Role
4a167cdf-cb95-4554-9203-2347fe489bd9 Object Anchors Account Reader Lets you read ingestion jobs for an object anchors account.
2021-03-02 15:11:43
add Role
28241645-39f8-410b-ad48-87863e2951d5 Security Detonation Chamber Reader Allowed to query submission info and files from Security Detonation Chamber
2021-03-01 15:42:30
add Role
230815da-be43-4aae-9cb4-875f7bd000aa Cosmos DB Operator Lets you manage Azure Cosmos DB accounts, but not access data in them. Prevents access to account keys and connection strings.
2021-02-26 14:41:31
change NotActions
056cd41c-7e88-42e1-933e-88ba6a50c9c3 SQL Security Manager Lets you manage the security-related policies of SQL servers and databases, but not access to them.
2021-02-15 15:24:20
change Actions
1e241071-0855-49ea-94dc-649edcd759de EventGrid Contributor Lets you manage EventGrid operations.
2021-02-11 14:23:07
change Actions
b8b15564-4fa6-4a59-ab12-03e1d9594795 Autonomous Development Platform Data Contributor (Preview) Grants permissions to upload and manage new Autonomous Development Platform measurements.
2021-02-09 14:46:34
change DataActions
d63b75f7-47ea-4f27-92ac-e0d173aaf093 Autonomous Development Platform Data Reader (Preview) Grants read access to Autonomous Development Platform data.
2021-02-09 14:46:34
change DataActions
27f8b550-c507-4db9-86f2-f4b8e816d59d Autonomous Development Platform Data Owner (Preview) Grants full access to Autonomous Development Platform data.
2021-02-09 14:46:34
change DataActions
1e241071-0855-49ea-94dc-649edcd759de EventGrid Contributor Lets you manage EventGrid operations.
2021-02-09 14:46:34
add Role
7a6f0e70-c033-4fb1-828c-08514e5f4102 Collaborative Runtime Operator Can manage resources created by AICS at runtime
2021-02-08 14:18:19
change Actions
0e5f05e5-9ab9-446b-b98d-1e2157c94125 Quota Request Operator Role Role to read and create Quota Requests and get Quota Request Status.
2021-02-05 15:19:18
change Actions
ba92f5b4-2d11-453d-a403-e96b0029c9fe Storage Blob Data Contributor Allows for read, write and delete access to Azure Storage blob containers and data
2021-02-04 14:17:50
change DataActions
0e5f05e5-9ab9-446b-b98d-1e2157c94125 Quota Request Operator Role Role to read and create Quota Requests and get Quota Request Status.
2021-02-03 15:09:04
add Role
7f646f1b-fa08-80eb-a33b-edd6ce5c915c Experimentation Administrator Experimentation Administrator
2021-02-03 15:09:04
change DataActions
6188b7c9-7d01-4f99-a59f-c88b630326c0 Metric Contributor Allows for creation, writes and reads to the metric set via the metrics service APIs.
2021-01-29 15:07:15
change DataActions
f4c81013-99ee-4d62-a7ee-b3f1f648599a Azure Sentinel Automation Contributor Azure Sentinel Automation Contributor
2021-01-26 16:07:29
change Actions
a1705bd2-3a8f-45a5-8683-466fcfd5cc24 FHIR Data Converter Role allows user or principal to convert data from legacy format to FHIR
2021-01-25 16:07:06
add Role
352470b3-6a9c-4686-b503-35deb827e500 Security Detonation Chamber Publisher Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber
2021-01-25 16:07:06
change DataActions
974c5e8b-45b9-4653-ba55-5f855dd0fb88 Storage Queue Data Contributor Allows for read, write, and delete access to Azure Storage queues and queue messages
2021-01-25 16:07:06
change DataActions
f4c81013-99ee-4d62-a7ee-b3f1f648599a Azure Sentinel Automation Contributor Azure Sentinel Automation Contributor
2021-01-25 16:07:06
add Role
0b555d9b-b4a7-4f43-b330-627f0e5be8f0 Security Detonation Chamber Submitter Allowed to create submissions to Security Detonation Chamber
2021-01-25 16:07:06
change DataActions
a37b566d-3efa-4beb-a2f2-698963fa42ce Security Detonation Chamber Submission Manager Allowed to create and manage submissions to Security Detonation Chamber
2021-01-25 16:07:06
change DataActions
5432c526-bc82-444a-b7ba-57c5b0b5b34f CosmosRestoreOperator Can perform restore action for Cosmos DB database account
2021-01-22 09:15:20
add Role
ae349356-3a1b-4a5e-921d-050484c6347e Application Insights Component Contributor Can manage Application Insights components
2021-01-20 16:06:17
change Actions
7a6f0e70-c033-4fb1-828c-08514e5f4102 Collaborative Runtime Operator Can manage resources created by AICS at runtime
2021-01-19 16:07:23
add Role
00c29273-979b-4161-815c-10b084fb9324 Backup Operator Lets you manage backup services, except removal of backup, vault creation and giving access to others
2021-01-19 16:07:23
change Actions
a37b566d-3efa-4beb-a2f2-698963fa42ce Security Detonation Chamber Submission Manager Allowed to create and manage submissions to Security Detonation Chamber
2021-01-18 16:05:49
add Role
7f646f1b-fa08-80eb-a22b-edd6ce5c915c Experimentation Contributor Experimentation Contributor
2021-01-18 16:05:49
change Actions
7f646f1b-fa08-80eb-a33b-edd6ce5c915c Experimentation Administrator Experimentation Administrator
2021-01-18 16:05:49
change Actions
352470b3-6a9c-4686-b503-35deb827e500 Security Detonation Chamber Publisher Allowed to publish and modify platforms, workflows and toolsets to Security Detonation Chamber
2021-01-18 16:05:49
add Role
49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 Experimentation Reader Experimentation Reader
2021-01-12 16:06:58
change Actions
5548b2cf-c94c-4228-90ba-30851930a12f Microsoft.Kubernetes connected cluster role Microsoft.Kubernetes connected cluster role.
2021-01-08 16:05:47
add Role
7efff54f-a5b4-42b5-a1c5-5411624893ce Disk Snapshot Contributor Provides permission to backup vault to manage disk snapshots.
2021-01-06 16:06:44
change Actions
b8b15564-4fa6-4a59-ab12-03e1d9594795 Autonomous Development Platform Data Contributor (Preview) Grants permissions to upload and manage new Autonomous Development Platform measurements.
2021-01-05 16:06:49
change Description, DataActions, NotDataActions
39bc4728-0917-49c7-9d2c-d95423bc2eb4 Security Reader Security Reader Role
2021-01-04 16:05:39
change Actions
3e5e47e6-65f7-47ef-90b5-e5dd4d455f24 Disk Backup Reader Provides permission to backup vault to perform disk backup.
2020-12-18 16:05:51
change Actions
e147488a-f6f5-4113-8e2d-b22465e65bf6 Key Vault Crypto Service Encryption User (preview) Read metadata of keys and perform wrap/unwrap operations. Only works for key vaults that use the 'Azure role-based access control' permission model.
2020-12-18 16:05:51
change DisplayName, Actions
b50d9833-a0cb-478e-945f-707fcc997c13 Disk Restore Operator Provides permission to backup vault to perform disk restore.
2020-12-18 16:05:51
change Actions
7efff54f-a5b4-42b5-a1c5-5411624893ce Disk Snapshot Contributor Provides permission to backup vault to manage disk snapshots.
2020-12-18 16:05:51
change Actions
27f8b550-c507-4db9-86f2-f4b8e816d59d Autonomous Development Platform Data Owner (Preview) Grants full access to Autonomous Development Platform data.
2020-12-15 16:36:19
add Role
b8b15564-4fa6-4a59-ab12-03e1d9594795 Autonomous Development Platform Data Contributor (Preview) Grants permissions to manage Autonomous Development Platform data entities, but does not allow accessing the underlying data. Note that entity deletion is not permitted by this role.
2020-12-15 16:36:19
add Role
b50d9833-a0cb-478e-945f-707fcc997c13 Disk Restore Operator Provides permission to backup vault to perform disk restore.
2020-12-15 16:36:19
add Role
3e5e47e6-65f7-47ef-90b5-e5dd4d455f24 Disk Backup Reader Provides permission to backup vault to perform disk backup.
2020-12-15 16:36:19
add Role
d63b75f7-47ea-4f27-92ac-e0d173aaf093 Autonomous Development Platform Data Reader (Preview) Grants read access to Autonomous Development Platform data.
2020-12-15 16:36:19
add Role
7efff54f-a5b4-42b5-a1c5-5411624893ce Disk Snapshot Contributor Provides permission to backup vault to manage disk snapshots.
2020-12-15 16:36:19
add Role
0fa44ee9-7a7d-466b-9bb2-2bf446b1204d Desktop Virtualization Workspace Reader Reader of the Desktop Virtualization Workspace.
2020-12-14 15:13:28
add Role
2ad6aaab-ead9-4eaa-8ac5-da422f562408 Desktop Virtualization Session Host Operator Operator of the Desktop Virtualization Session Host.
2020-12-14 15:13:28
add Role
49a72310-ab8d-41df-bbb0-79b649203868 Desktop Virtualization Reader Reader of Desktop Virtualization.
2020-12-14 15:13:28
add Role
aebf23d0-b568-4e86-b8f9-fe83a2c6ab55 Desktop Virtualization Application Group Reader Reader of the Desktop Virtualization Application Group.
2020-12-14 15:13:28
add Role
ea4bfff8-7fb4-485a-aadd-d4129a0ffaa6 Desktop Virtualization User Session Operator Operator of the Desktop Virtualization Uesr Session.
2020-12-14 15:13:28
add Role
e307426c-f9b6-4e81-87de-d99efb3c32bc Desktop Virtualization Host Pool Contributor Contributor of the Desktop Virtualization Host Pool.
2020-12-14 15:13:28
add Role
21efdde3-836f-432b-bf3d-3e8e734d4b2b Desktop Virtualization Workspace Contributor Contributor of the Desktop Virtualization Workspace.
2020-12-14 15:13:28
add Role
86240b0e-9422-4c43-887b-b61143f32ba8 Desktop Virtualization Application Group Contributor Contributor of the Desktop Virtualization Application Group.
2020-12-14 15:13:28
add Role
c7aa55d3-1abb-444a-a5ca-5e51e485d6ec Integration Service Environment Developer Allows developers to create and update workflows, integration accounts and API connections in integration service environments.
2020-12-14 15:13:28
change Actions
082f0a83-3be5-4ba1-904c-961cca79b387 Desktop Virtualization Contributor Contributor of Desktop Virtualization.
2020-12-14 15:13:28
add Role
ceadfde2-b300-400a-ab7b-6143895aa822 Desktop Virtualization Host Pool Reader Reader of the Desktop Virtualization Host Pool.
2020-12-14 15:13:28
add Role
056cd41c-7e88-42e1-933e-88ba6a50c9c3 SQL Security Manager Lets you manage the security-related policies of SQL servers and databases, but not access to them.
2020-12-10 15:11:36
change Actions
72fafb9e-0641-4937-9268-a91bfd8191a3 Cost Management Reader Can view cost data and configuration (e.g. budgets, exports)
2020-12-08 15:44:03
change Actions
3e150937-b8fe-4cfb-8069-0eaf05ecd056 Azure Sentinel Responder Azure Sentinel Responder
2020-12-08 15:44:03
change Actions
434105ed-43f6-45c7-a02f-909b2ba83430 Cost Management Contributor Can view costs and manage cost configuration (e.g. budgets, exports)
2020-12-08 15:44:03
change Actions
ca6382a4-1721-4bcf-a114-ff0c70227b6b Application Group Contributor Contributor of the Application Group.
2020-12-07 15:13:35
change Actions
ca6382a4-1721-4bcf-a114-ff0c70227b6b Application Group Contributor Contributor of the Application Group.
2020-12-04 15:12:58
add Role
dd920d6d-f481-47f1-b461-f338c46b2d9f Marketplace Admin Administrator of marketplace resource provider
2020-11-28 17:50:16
remove Role
6188b7c9-7d01-4f99-a59f-c88b630326c0 Metric Contributor Allows for creation, writes and reads to the metric set via the metrics service APIs.
2020-11-24 15:34:53
change DataActions
c8d896ba-346d-4f50-bc1d-7d1c84130446 Project Babylon Data Reader The Microsoft.ProjectBabylon data reader can read catalog data objects. This role is in preview and subject to change.
2020-11-23 14:37:57
change DisplayName, Description, Actions
9ef4ef9c-a049-46b0-82ab-dd8ac094c889 Project Babylon Data Curator The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects. This role is in preview and subject to change.
2020-11-23 14:37:57
change DisplayName, Description, Actions
05b7651b-dc44-475e-b74d-df3db49fae0f Project Babylon Data Source Administrator The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans. This role is in preview and subject to change.
2020-11-23 14:37:57
change DisplayName, Description, Actions
8a3c2885-9b38-4fd2-9d99-91af537c1347 Purview Data Curator Role Preview The Microsoft.Purview data curator can create, read, modify and delete catalog data objects and establish relationships between objects
2020-11-19 14:28:56
change Actions
ff100721-1b9d-43d8-af52-42b69c1272db Purview Data Reader Role Preview The Microsoft.Purview data reader can read catalog data objects
2020-11-19 14:28:56
change Actions
e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 Storage Account Backup Contributor Role Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account.
2020-11-19 14:28:56
change Actions
200bba9e-f0c8-430f-892b-6f0794863803 Purview Data Source Administrator Role Preview The Microsoft.Purview data source administrator can manage data sources and data scans
2020-11-19 14:28:56
change Actions
6188b7c9-7d01-4f99-a59f-c88b630326c0 Metric Contributor Allows for creation, writes and reads to the metric set via the metrics service APIs.
2020-11-18 18:53:03
change DisplayName, DataActions
749f88d5-cbae-40b8-bcfc-e573ddc772fa Monitoring Contributor Can read all monitoring data and update monitoring settings.
2020-11-18 18:53:03
change Actions
f2f79976-90be-4501-89c6-7caf12474683 Azure Data Cloud Lifter Management Grants full access to manage all resources in managed Resource Group.
2020-11-18 18:53:03
remove Role
05b7651b-dc44-475e-b74d-df3db49fae0f Project Babylon Data Source Administrator Role Preview The Microsoft.ProjectBabylon data source administrator can manage data sources and data scans
2020-11-16 13:39:23
add Role
ff100721-1b9d-43d8-af52-42b69c1272db Purview Data Reader Role Preview The Microsoft.Purview data reader can read catalog data objects
2020-11-16 13:39:23
add Role
9ef4ef9c-a049-46b0-82ab-dd8ac094c889 Project Babylon Data Curator Role Preview The Microsoft.ProjectBabylon data curator can create, read, modify and delete catalog data objects and establish relationships between objects
2020-11-16 13:39:23
add Role
8a3c2885-9b38-4fd2-9d99-91af537c1347 Purview Data Curator Role Preview The Microsoft.Purview data curator can create, read, modify and delete catalog data objects and establish relationships between objects
2020-11-16 13:39:23
add Role
200bba9e-f0c8-430f-892b-6f0794863803 Purview Data Source Administrator Role Preview The Microsoft.Purview data source administrator can manage data sources and data scans
2020-11-16 13:39:23
add Role
c8d896ba-346d-4f50-bc1d-7d1c84130446 Project Babylon Data Reader Role Preview The Microsoft.ProjectBabylon data reader can read catalog data objects
2020-11-16 13:39:23
add Role
e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 Storage Account Backup Contributor Role Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account.
2020-11-16 13:39:23
change Actions
e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1 Storage Account Backup Contributor Role Storage Account Backup Contributors are allowed to perform backup and restore of Storage Account.
2020-11-13 14:22:44
add Role
6188b7c9-7d01-4f99-a59f-c88b630326c0 Metric Contributor Service Role Allows for creation, writes and reads to the metric set via the metrics service APIs.
2020-11-12 14:32:48
add Role
b24988ac-6180-42a0-ab88-20f7382dd24c Contributor Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC.
2020-11-11 15:02:47
change NotActions
3e150937-b8fe-4cfb-8069-0eaf05ecd056 Azure Sentinel Responder Azure Sentinel Responder
2020-11-09 14:42:02
change NotActions
ab8e14d6-4a74-4a29-9ba8-549422addade Azure Sentinel Contributor Azure Sentinel Contributor
2020-11-04 15:39:11
change Actions
8d289c81-5878-46d4-8554-54e1e3d8b5cb Azure Sentinel Reader Azure Sentinel Reader
2020-11-04 15:39:11
change Actions
3e150937-b8fe-4cfb-8069-0eaf05ecd056 Azure Sentinel Responder Azure Sentinel Responder
2020-11-04 15:39:11
change Actions
dffb1e0c-446f-4dde-a09f-99eb5cc68b96 Azure Arc Kubernetes Admin Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.
2020-11-03 14:38:31
change DataActions, NotDataActions
63f0a09d-1495-4db4-a681-037d84835eb4 Azure Arc Kubernetes Viewer Lets you view all resources in cluster/namespace, except secrets.
2020-11-03 14:38:31
change DataActions, NotDataActions
5b999177-9696-4545-85c7-50de3797e5a1 Azure Arc Kubernetes Writer Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.
2020-11-03 14:38:31
change DataActions, NotDataActions
635dd51f-9968-44d3-b7fb-6d9a6bd613ae AzureML Metrics Writer (preview) Lets you write metrics to AzureML workspace
2020-10-29 15:20:50
add Role
f2f79976-90be-4501-89c6-7caf12474683 Azure Data Cloud Lifter Management Grants full access to manage all resources in managed Resource Group.
2020-10-28 15:04:35
change Actions
8508508a-4469-4e45-963b-2518ee0bb728 AgFood Platform Service Contributor Provides contribute access to AgFood Platform Service
2020-10-27 14:13:08
change NotDataActions
f7b75c60-3036-4b75-91c3-6b41c27c1689 Reservation Purchaser Lets you purchase reservations
2020-10-26 14:19:04
add Role
7f6c6a51-bcf8-42ba-9220-52d62157d7db Azure Kubernetes Service RBAC Reader Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.
2020-10-23 13:31:33
change Description, Actions, DataActions, NotDataActions
420fcaa2-552c-430f-98ca-3264be4806c7 SignalR App Server (Preview) Lets your app server access SignalR Service with AAD auth options.
2020-10-23 13:31:33
change DataActions
a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb Azure Kubernetes Service RBAC Writer Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces.
2020-10-23 13:31:33
change Description, Actions, DataActions, NotDataActions
fd53cd77-2268-407a-8f46-7e7863d0f521 SignalR Serverless Contributor (Preview) Lets your app access service in serverless mode with AAD auth options.
2020-10-23 13:31:33
change Description, DataActions
7e4f1700-ea5a-4f59-8f37-079cfe29dce3 SignalR Service Owner (Preview) Full access to Azure SignalR Service REST APIs
2020-10-23 13:31:33
change DataActions
6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 SQL Server Contributor Lets you manage SQL servers and databases, but not access to them, and not their security -related policies.
2020-10-20 13:29:34
change NotActions
056cd41c-7e88-42e1-933e-88ba6a50c9c3 SQL Security Manager Lets you manage the security-related policies of SQL servers and databases, but not access to them.
2020-10-20 13:29:34
change Actions
9b7fa17d-e63e-47b0-bb0a-15c516ac86ec SQL DB Contributor Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers.
2020-10-20 13:29:34
change NotActions
f2f79976-90be-4501-89c6-7caf12474683 Azure Data Cloud Lifter Management Grants full access to manage all resources in managed Resource Group.
2020-10-20 13:29:34
add Role
0b555d9b-b4a7-4f43-b330-627f0e5be8f0 Security Detonation Chamber Submitter Allowed to create submissions to Security Detonation Chamber
2020-10-19 15:27:07
add Role
7e4f1700-ea5a-4f59-8f37-079cfe29dce3 SignalR Service Owner (Preview) Full access to Azure SignalR Service REST APIs
2020-10-13 13:23:37
add Role
ddde6b66-c0df-4114-a159-3618637b3035 SignalR Service Reader (Preview) Read-only access to Azure SignalR Service REST APIs
2020-10-13 13:23:37
add Role
82200a5b-e217-47a5-b665-6d8765ee745b Services Hub Operator Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.
2020-10-07 08:52:18
change Actions
4fe6d683-8411-4247-8525-b6b5b8a80669 Microsoft.ScVmm service role Microsoft.ScVmm service role.
2020-09-23 13:42:44
remove Role
18500a29-7fe2-46b2-a342-b16a415e101d Managed HSM contributor Lets you manage managed HSM pools, but not access to them.
2020-09-17 14:31:34
add Role
5dffeca3-4936-4216-b2bc-10343a5abb25 Schema Registry Contributor (Preview) Read, write, and delete Schema Registry groups and schemas.
2020-09-14 13:55:19
add Role
7ec7ccdc-f61e-41fe-9aaf-980df0a44eba AgFood Platform Service Reader Provides read access to AgFood Platform Service
2020-09-14 13:55:19
add Role
4fe6d683-8411-4247-8525-b6b5b8a80669 Microsoft.ScVmm service role Microsoft.ScVmm service role.
2020-09-14 13:55:19
add Role
8508508a-4469-4e45-963b-2518ee0bb728 AgFood Platform Service Contributor Provides contribute access to AgFood Platform Service
2020-09-14 13:55:19
add Role
2c56ea50-c6b3-40a6-83c0-9d98858bc7d2 Schema Registry Reader (Preview) Read and list Schema Registry groups and schemas.
2020-09-14 13:55:19
add Role
f8da80de-1ff9-4747-ad80-a19b7f6079e3 AgFood Platform Service Admin Provides admin access to AgFood Platform Service
2020-09-14 13:55:19
add Role
3b20f47b-3825-43cb-8114-4bd2201156a8 Cognitive Services Metrics Advisor User Access to the project.
2020-09-10 14:55:48
add Role
cb43c632-a144-4ec5-977c-e80c4affc34a Cognitive Services Metrics Advisor Administrator Full access to the project, including the system level configuration.
2020-09-10 14:55:48
add Role
d1ee9a80-8b14-47f0-bdc2-f4a351625a7b Device Update Content Reader Gives you read access to content operations, but does not allow making changes
2020-08-23 16:02:03
add Role
e4237640-0e3d-4a46-8fda-70bc94856432 Device Update Deployments Administrator Gives you full access to management operations
2020-08-23 16:02:03
add Role
0378884a-3af5-44ab-8323-f5b22f9f3c98 Device Update Content Administrator Gives you full access to content operations
2020-08-23 16:02:03
add Role
49e2f5d2-7741-4835-8efa-19e1fe35e47f Device Update Deployments Reader Gives you read access to management operations, but does not allow making changes
2020-08-23 16:02:03
add Role
e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f Device Update Reader Gives you read access to management and content operations, but does not allow making changes
2020-08-23 16:02:03
add Role
02ca0879-e8e4-47a5-a61e-5c618b76e64a Device Update Administrator Gives you full access to management and content operations
2020-08-23 16:02:03
add Role
daa9e50b-21df-454c-94a6-a8050adab352 Collaborative Data Contributor Can manage data packages of a collaborative.
2020-08-14 14:27:30
add Role
420fcaa2-552c-430f-98ca-3264be4806c7 SignalR App Server (Preview) Lets your app server access SignalR Service with AAD Auth options.
2020-07-29 13:49:09
add Role
00493d72-78f6-4148-b6c5-d3ce8e4799dd Azure Arc Enabled Kubernetes Cluster User Role List cluster user credentials action.
2020-07-29 13:49:09
add Role
fd53cd77-2268-407a-8f46-7e7863d0f521 SignalR Serverless Contributor (Preview) Lets your app access service in serverless mode.
2020-07-29 13:49:09
add Role
d18777c0-1514-4662-8490-608db7d334b6 Object Understanding Account Reader Lets you read ingestion jobs for an object understanding account.
2020-07-24 14:41:55
add Role
82200a5b-e217-47a5-b665-6d8765ee745b Services Hub Operator Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors.
2020-07-21 19:48:17
add Role
7f6c6a51-bcf8-42ba-9220-52d62157d7db Azure Kubernetes Service RBAC Reader Lets you view all resources in cluster/namespace, except secrets.
2020-07-03 14:58:03
add Role
b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b Azure Kubernetes Service RBAC Cluster Admin Lets you manage all resources in the cluster.
2020-07-03 14:58:03
add Role
3498e952-d568-435e-9b2c-8d77e338d7f7 Azure Kubernetes Service RBAC Admin Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.
2020-07-03 14:58:03
add Role
a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb Azure Kubernetes Service RBAC Writer Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings.
2020-07-03 14:58:03
add Role
63f0a09d-1495-4db4-a681-037d84835eb4 Azure Arc Kubernetes Viewer Lets you view all resources in cluster/namespace, except secrets.
2020-06-15 15:35:59
add Role
8393591c-06b9-48a2-a542-1bd6b377f6a2 Azure Arc Kubernetes Cluster Admin Lets you manage all resources in the cluster.
2020-06-15 15:35:59
add Role
dffb1e0c-446f-4dde-a09f-99eb5cc68b96 Azure Arc Kubernetes Admin Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces.
2020-06-15 15:35:59
add Role
5b999177-9696-4545-85c7-50de3797e5a1 Azure Arc Kubernetes Writer Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings.
2020-06-15 15:35:59
add Role
e147488a-f6f5-4113-8e2d-b22465e65bf6 Key Vault Crypto Service Encryption (preview) Can read metadata of keys and perform wrap/unwrap operations.
2020-05-21 16:07:05
add Role
00482a5a-887f-4fb3-b363-3b7fe8e74483 Key Vault Administrator (preview) Can perform any action on certificates, keys and secrets of a key vault, except manage permissions.
2020-05-19 20:42:36
add Role
b86a8fe4-44ce-4948-aee5-eccb2c155cd7 Key Vault Secrets Officer (preview) Can perform any action on the secrets of a key vault, except manage permissions.
2020-05-19 20:42:36
add Role
a4417e6f-fecd-4de8-b567-7b0420556985 Key Vault Certificates Officer (preview) Can perform any action on the certificates of a key vault, except manage permissions.
2020-05-19 20:42:36
add Role
21090545-7ca7-4776-b22c-e363652d74d2 Key Vault Reader (preview) Can read metadata of key vaults and its certificates, keys and secrets. Cannot read sensitive values such as secret contents or key material.
2020-05-19 20:42:36
add Role
4633458b-17de-408a-b874-0445c86b69e6 Key Vault Secrets User (preview) Can read secret contents.
2020-05-19 20:42:36
add Role
12338af0-0e69-4776-bea7-57ae8d297424 Key Vault Crypto User (preview) Can perform cryptographic operations on keys and certificates.
2020-05-19 20:42:36
add Role
14b46e9e-c2b7-41b4-b07b-48a6ebf60603 Key Vault Crypto Officer (preview) Can perform any action on the keys of a key vault, except manage permissions.
2020-05-19 20:42:36
add Role
5c4089e1-6d96-4d2f-b296-c1bc7137275f Cognitive Services Custom Vision Deployment Publish, unpublish or export models. Deployment can view the project but can't update.
2020-05-09 14:57:51
add Role
93586559-c37d-4a6b-ba08-b9f0940c2d73 Cognitive Services Custom Vision Reader Read-only actions in the project. Readers can't create or update the project.
2020-05-09 14:57:51
add Role
c1ff6cc2-c111-46fe-8896-e0ef812ad9f3 Cognitive Services Custom Vision Contributor Full access to the project, including the ability to view, create, edit, or delete projects.
2020-05-09 14:57:51
add Role
0a5ae4ab-0d65-4eeb-be61-29fc9b54394b Cognitive Services Custom Vision Trainer View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can't create or delete the project.
2020-05-09 14:57:51
add Role
88424f51-ebe7-446f-bc41-7fa16989e96c Cognitive Services Custom Vision Labeler View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can't update anything other than training images and tags.
2020-05-09 14:57:51
add Role
8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204 Azure Maps Data Contributor Grants access to read, write, and delete access to map related data from an Azure maps account.
2020-05-08 05:22:07
add Role
f4cc2bf9-21be-47a1-bdf1-5c5804381025 Cognitive Services QnA Maker Editor Let's you create, edit, import and export a KB. You cannot publish or delete a KB.
2020-05-04 15:11:45
change DisplayName
466ccd10-b268-4a11-b098-b4849f024126 Cognitive Services QnA Maker Reader Let's you read and test a KB only.
2020-05-04 15:11:45
change DisplayName
423170ca-a8f6-4b0f-8487-9e4eb8f49bfa Azure Maps Data Reader Grants access to read map related data from an Azure maps account.
2020-04-29 16:42:26
change DisplayName
aefefa01-2a29-4197-83a8-2828f33ce315 Tenant registration role Service role used by RP's for tenant level registration
2020-04-24 19:20:22
remove Role
aefefa01-2a29-4197-83a8-2828f33ce315 Tenant registration role Service role used by RP's for tenant level registration
2020-04-23 15:06:19
add Role
ed4b1625-bac7-4b49-8578-127fc3440d25 Experiment Administrator Experiment Administrator
2020-04-23 15:06:19
remove Role
4dd61c23-6743-42fe-a388-d8bdd41cb745 Object Understanding Account Owner Provides user with ingestion capabilities for Azure Object Understanding.
2020-04-23 15:06:19
add Role
49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 Experimentation Reader Experimentation Reader
2020-04-23 15:06:19
change DisplayName
70ea1423-466c-4e7b-a2ee-f1206ef2072d Experiment Contributor Experiment Contributor
2020-04-23 15:06:19
remove Role
b879ac78-f1e6-448d-ab4c-5908cd5967c1 VSOnline Virtual Network Service Role This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network
2020-03-28 01:22:25
remove Role
49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 Experiment Operator Experiment Operator
2020-03-28 01:22:25
change DisplayName
49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 Experimentation Operator Experiment Operator
2020-03-26 18:26:05
add Role
70ea1423-466c-4e7b-a2ee-f1206ef2072d Experiment Contributor Experiment Contributor
2020-03-26 18:26:05
add Role
ed4b1625-bac7-4b49-8578-127fc3440d25 Experiment Administrator Experiment Administrator
2020-03-26 18:26:05
add Role
4c8d0bbc-75d3-4935-991f-5f3c56d81508 FHIR Data Reader Role allows user or principal to read FHIR Data
2020-03-18 07:39:13
add Role
5a1fc7df-4bf1-4951-a576-89034ee01acd FHIR Data Contributor Role allows user or principal full access to FHIR Data
2020-03-18 07:39:13
add Role
3db33094-8700-4567-8da5-1501d4e7e843 FHIR Data Exporter Role allows user or principal to read FHIR Data
2020-03-18 07:39:13
add Role
3f88fce4-5892-4214-ae73-ba5294559913 FHIR Data Writer Role allows user or principal to read and write FHIR Data
2020-03-18 07:39:13
add Role
350f8d15-c687-4448-8ae1-157740a3936d Hierarchy Settings Administrator Allows users to edit and delete Hierarchy Settings
2020-03-14 15:10:08
add Role
b879ac78-f1e6-448d-ab4c-5908cd5967c1 VSOnline Virtual Network Service Role This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network
2020-03-14 15:10:08
add Role
d57506d4-4c8d-48b1-8587-93c323f6a5a3 Azure Digital Twins Reader (Preview) Read-only role for Digital Twins data-plane properties
2020-03-11 05:47:56
add Role
bcd981a7-7f74-457b-83e1-cceb9e632ffe Azure Digital Twins Owner (Preview) Full access role for Digital Twins data-plane
2020-03-11 05:47:56
add Role
ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8 Azure Kubernetes Service Contributor Role Grants access to read and write Azure Kubernetes Service clusters
2020-02-28 09:58:27
add Role
dd920d6d-f481-47f1-b461-f338c46b2d9f Marketplace Admin Administrator of marketplace resource provider
2020-02-27 09:26:20
add Role
a41e2c5b-bd99-4a07-88f4-9bf657a760b8 Integration Service Environment Contributor Lets you manage integration service environments, but not access to them.
2020-02-21 00:11:51
add Role
c7aa55d3-1abb-444a-a5ca-5e51e485d6ec Integration Service Environment Developer Allows developers to create and update workflows, integration accounts and API connections in integration service environments.
2020-02-21 00:11:51
add Role
4a9ae827-6dc8-4573-8ac7-8239d42aa03f Tag Contributor Lets you manage tags on entities, without providing access to the entities themselves.
2020-02-19 09:00:33
add Role
612c2aa1-cb24-443b-ac28-3ab7272de6f5 Security Assessment Contributor Lets you push assessments to Security Center
2020-02-13 13:58:05
add Role
34e09817-6cbe-4d01-b1a2-e0eac5743d41 Kubernetes Cluster - Azure Arc Onboarding Role definition to authorize any user/service to create connectedClusters resource
2020-02-11 08:11:18
change DisplayName
641177b8-a67a-45b9-a033-47bc880bb21e Managed Application Contributor Role Allows for creating managed application resources.
2020-02-08 03:50:49
add Role
0b072326-6884-49b7-a53d-ae6aa62260ff MLC Service Role This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service.
2020-01-30 21:07:35
remove Role
3df8b902-2a6f-47c7-8cc5-360e9b272a7e Remote Rendering Administrator Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering
2020-01-24 05:21:10
add Role
d39065c4-c120-43c9-ab0a-63eed9795f0a Remote Rendering Client Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering.
2020-01-24 05:21:10
add Role
7f646f1b-fa08-80eb-a33b-edd6ce5c915c Experimentation Administrator Experimentation Administrator
2019-12-19 07:49:46
add Role
f4cc2bf9-21be-47a1-bdf1-5c5804381025 QnA Maker Editor
2019-12-18 15:43:34
add Role
466ccd10-b268-4a11-b098-b4849f024126 QnA Maker Reader
2019-12-18 15:43:34
add Role
7f646f1b-fa08-80eb-a22b-edd6ce5c915c Experimentation Contributor Experimentation Contributor
2019-12-17 15:43:46
add Role
34e09817-6cbe-4d01-b1a2-e0eac5743d41 Kubernetes Cluster - Azure Arc Onborading Role definition to authorize any user/service to create connectedClusters resource
2019-12-13 11:23:49
change DisplayName
0b072326-6884-49b7-a53d-ae6aa62260ff MLC Service Role This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service.
2019-11-26 15:41:35
add Role
36243c78-bf99-498c-9df9-86d9f8d28608 Resource Policy Contributor Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy.
2019-11-20 21:32:41
change DisplayName
516239f1-63e1-4d78-a4de-a74fb236a071 App Configuration Data Reader Allows read access to App Configuration data.
2019-10-26 02:15:31
add Role
5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b App Configuration Data Owner Allows full access to App Configuration data.
2019-10-26 02:15:31
add Role
b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 Azure Connected Machine Onboarding Can onboard Azure Connected Machines.
2019-10-24 02:15:32
add Role
7f646f1b-fa07-40eb-a22b-edd6ce5c915c Altretya test Service Role Altretya test
2019-10-24 02:15:32
remove Role
91c1777a-f3dc-4fae-b103-61d183457e46 Managed Services Registration assignment Delete Role Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant.
2019-10-24 02:15:32
add Role
cd570a14-e51a-42ad-bac8-bafd67325302 Azure Connected Machine Resource Administrator Can read, write, delete and re-onboard Azure Connected Machines.
2019-10-24 02:15:32
add Role
7f646f1b-fa07-40eb-a22b-edd6ce5c915c Altretya test Service Role Altretya test
2019-10-07 13:33:12
add Role