| Id | DisplayName | Description | Details (UTC ymd) (i) |
|---|---|---|---|
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | 2020-10-28 15:04:35
change Actions |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | 2020-10-27 14:13:08
change NotDataActions |
| f7b75c60-3036-4b75-91c3-6b41c27c1689 | Reservation Purchaser | Lets you purchase reservations | 2020-10-26 14:19:04
add Role |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Allows read-only access to see most objects in a namespace. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces. | 2020-10-23 13:31:33
change Description, Actions, DataActions, NotDataActions |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR Serverless Contributor (Preview) | Lets your app access service in serverless mode with AAD auth options. | 2020-10-23 13:31:33
change Description, DataActions |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | 2020-10-23 13:31:33
change DataActions |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Allows read/write access to most objects in a namespace.This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets and running Pods as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace. Applying this role at cluster scope will give access across all namespaces. | 2020-10-23 13:31:33
change Description, Actions, DataActions, NotDataActions |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server (Preview) | Lets your app server access SignalR Service with AAD auth options. | 2020-10-23 13:31:33
change DataActions |
| f2f79976-90be-4501-89c6-7caf12474683 | Azure Data Cloud Lifter Management | Grants full access to manage all resources in managed Resource Group. | 2020-10-20 13:29:34
add Role |
| 9b7fa17d-e63e-47b0-bb0a-15c516ac86ec | SQL DB Contributor | Lets you manage SQL databases, but not access to them. Also, you can't manage their security-related policies or their parent SQL servers. | 2020-10-20 13:29:34
change NotActions |
| 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 | SQL Server Contributor | Lets you manage SQL servers and databases, but not access to them, and not their security -related policies. | 2020-10-20 13:29:34
change NotActions |
| 056cd41c-7e88-42e1-933e-88ba6a50c9c3 | SQL Security Manager | Lets you manage the security-related policies of SQL servers and databases, but not access to them. | 2020-10-20 13:29:34
change Actions |
| 0b555d9b-b4a7-4f43-b330-627f0e5be8f0 | Security Detonation Chamber Submitter | Allowed to create submissions to Security Detonation Chamber | 2020-10-19 15:27:07
add Role |
| 7e4f1700-ea5a-4f59-8f37-079cfe29dce3 | SignalR Service Owner (Preview) | Full access to Azure SignalR Service REST APIs | 2020-10-13 13:23:37
add Role |
| ddde6b66-c0df-4114-a159-3618637b3035 | SignalR Service Reader (Preview) | Read-only access to Azure SignalR Service REST APIs | 2020-10-13 13:23:37
add Role |
| 82200a5b-e217-47a5-b665-6d8765ee745b | Services Hub Operator | Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors. | 2020-10-07 08:52:18
change Actions |
| 4fe6d683-8411-4247-8525-b6b5b8a80669 | Microsoft.ScVmm service role | Microsoft.ScVmm service role. | 2020-09-23 13:42:44
remove Role |
| 18500a29-7fe2-46b2-a342-b16a415e101d | Managed HSM contributor | Lets you manage managed HSM pools, but not access to them. | 2020-09-17 14:31:34
add Role |
| 4fe6d683-8411-4247-8525-b6b5b8a80669 | Microsoft.ScVmm service role | Microsoft.ScVmm service role. | 2020-09-14 13:55:19
add Role |
| f8da80de-1ff9-4747-ad80-a19b7f6079e3 | AgFood Platform Service Admin | Provides admin access to AgFood Platform Service | 2020-09-14 13:55:19
add Role |
| 8508508a-4469-4e45-963b-2518ee0bb728 | AgFood Platform Service Contributor | Provides contribute access to AgFood Platform Service | 2020-09-14 13:55:19
add Role |
| 5dffeca3-4936-4216-b2bc-10343a5abb25 | Schema Registry Contributor (Preview) | Read, write, and delete Schema Registry groups and schemas. | 2020-09-14 13:55:19
add Role |
| 2c56ea50-c6b3-40a6-83c0-9d98858bc7d2 | Schema Registry Reader (Preview) | Read and list Schema Registry groups and schemas. | 2020-09-14 13:55:19
add Role |
| 7ec7ccdc-f61e-41fe-9aaf-980df0a44eba | AgFood Platform Service Reader | Provides read access to AgFood Platform Service | 2020-09-14 13:55:19
add Role |
| 3b20f47b-3825-43cb-8114-4bd2201156a8 | Cognitive Services Metrics Advisor User | Access to the project. | 2020-09-10 14:55:48
add Role |
| cb43c632-a144-4ec5-977c-e80c4affc34a | Cognitive Services Metrics Advisor Administrator | Full access to the project, including the system level configuration. | 2020-09-10 14:55:48
add Role |
| 0378884a-3af5-44ab-8323-f5b22f9f3c98 | Device Update Content Administrator | Gives you full access to content operations | 2020-08-23 16:02:03
add Role |
| e4237640-0e3d-4a46-8fda-70bc94856432 | Device Update Deployments Administrator | Gives you full access to management operations | 2020-08-23 16:02:03
add Role |
| d1ee9a80-8b14-47f0-bdc2-f4a351625a7b | Device Update Content Reader | Gives you read access to content operations, but does not allow making changes | 2020-08-23 16:02:03
add Role |
| 49e2f5d2-7741-4835-8efa-19e1fe35e47f | Device Update Deployments Reader | Gives you read access to management operations, but does not allow making changes | 2020-08-23 16:02:03
add Role |
| e9dba6fb-3d52-4cf0-bce3-f06ce71b9e0f | Device Update Reader | Gives you read access to management and content operations, but does not allow making changes | 2020-08-23 16:02:03
add Role |
| 02ca0879-e8e4-47a5-a61e-5c618b76e64a | Device Update Administrator | Gives you full access to management and content operations | 2020-08-23 16:02:03
add Role |
| daa9e50b-21df-454c-94a6-a8050adab352 | Collaborative Data Contributor | Can manage data packages of a collaborative. | 2020-08-14 14:27:30
add Role |
| 00493d72-78f6-4148-b6c5-d3ce8e4799dd | Azure Arc Enabled Kubernetes Cluster User Role | List cluster user credentials action. | 2020-07-29 13:49:09
add Role |
| fd53cd77-2268-407a-8f46-7e7863d0f521 | SignalR Serverless Contributor (Preview) | Lets your app access service in serverless mode. | 2020-07-29 13:49:09
add Role |
| 420fcaa2-552c-430f-98ca-3264be4806c7 | SignalR App Server (Preview) | Lets your app server access SignalR Service with AAD Auth options. | 2020-07-29 13:49:09
add Role |
| d18777c0-1514-4662-8490-608db7d334b6 | Object Understanding Account Reader | Lets you read ingestion jobs for an object understanding account. | 2020-07-24 14:41:55
add Role |
| 82200a5b-e217-47a5-b665-6d8765ee745b | Services Hub Operator | Services Hub Operator allows you to perform all read, write, and deletion operations related to Services Hub Connectors. | 2020-07-21 19:48:17
add Role |
| 3498e952-d568-435e-9b2c-8d77e338d7f7 | Azure Kubernetes Service RBAC Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | 2020-07-03 14:58:03
add Role |
| a7ffa36f-339b-4b5c-8bdf-e2c188b2c0eb | Azure Kubernetes Service RBAC Writer | Lets you update everything in cluster/namespace, except resource quotas, namespaces, pod security policies, certificate signing requests, (cluster)roles and (cluster)role bindings. | 2020-07-03 14:58:03
add Role |
| 7f6c6a51-bcf8-42ba-9220-52d62157d7db | Azure Kubernetes Service RBAC Reader | Lets you view all resources in cluster/namespace, except secrets. | 2020-07-03 14:58:03
add Role |
| b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b | Azure Kubernetes Service RBAC Cluster Admin | Lets you manage all resources in the cluster. | 2020-07-03 14:58:03
add Role |
| 8393591c-06b9-48a2-a542-1bd6b377f6a2 | Azure Arc Kubernetes Cluster Admin | Lets you manage all resources in the cluster. | 2020-06-15 15:35:59
add Role |
| dffb1e0c-446f-4dde-a09f-99eb5cc68b96 | Azure Arc Kubernetes Admin | Lets you manage all resources under cluster/namespace, except update or delete resource quotas and namespaces. | 2020-06-15 15:35:59
add Role |
| 63f0a09d-1495-4db4-a681-037d84835eb4 | Azure Arc Kubernetes Viewer | Lets you view all resources in cluster/namespace, except secrets. | 2020-06-15 15:35:59
add Role |
| 5b999177-9696-4545-85c7-50de3797e5a1 | Azure Arc Kubernetes Writer | Lets you update everything in cluster/namespace, except (cluster)roles and (cluster)role bindings. | 2020-06-15 15:35:59
add Role |
| e147488a-f6f5-4113-8e2d-b22465e65bf6 | Key Vault Crypto Service Encryption (preview) | Can read metadata of keys and perform wrap/unwrap operations. | 2020-05-21 16:07:05
add Role |
| 00482a5a-887f-4fb3-b363-3b7fe8e74483 | Key Vault Administrator (preview) | Can perform any action on certificates, keys and secrets of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 12338af0-0e69-4776-bea7-57ae8d297424 | Key Vault Crypto User (preview) | Can perform cryptographic operations on keys and certificates. | 2020-05-19 20:42:36
add Role |
| 4633458b-17de-408a-b874-0445c86b69e6 | Key Vault Secrets User (preview) | Can read secret contents. | 2020-05-19 20:42:36
add Role |
| a4417e6f-fecd-4de8-b567-7b0420556985 | Key Vault Certificates Officer (preview) | Can perform any action on the certificates of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 21090545-7ca7-4776-b22c-e363652d74d2 | Key Vault Reader (preview) | Can read metadata of key vaults and its certificates, keys and secrets. Cannot read sensitive values such as secret contents or key material. | 2020-05-19 20:42:36
add Role |
| b86a8fe4-44ce-4948-aee5-eccb2c155cd7 | Key Vault Secrets Officer (preview) | Can perform any action on the secrets of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 14b46e9e-c2b7-41b4-b07b-48a6ebf60603 | Key Vault Crypto Officer (preview) | Can perform any action on the keys of a key vault, except manage permissions. | 2020-05-19 20:42:36
add Role |
| 5c4089e1-6d96-4d2f-b296-c1bc7137275f | Cognitive Services Custom Vision Deployment | Publish, unpublish or export models. Deployment can view the project but can't update. | 2020-05-09 14:57:51
add Role |
| 0a5ae4ab-0d65-4eeb-be61-29fc9b54394b | Cognitive Services Custom Vision Trainer | View, edit projects and train the models, including the ability to publish, unpublish, export the models. Trainers can't create or delete the project. | 2020-05-09 14:57:51
add Role |
| 93586559-c37d-4a6b-ba08-b9f0940c2d73 | Cognitive Services Custom Vision Reader | Read-only actions in the project. Readers can't create or update the project. | 2020-05-09 14:57:51
add Role |
| c1ff6cc2-c111-46fe-8896-e0ef812ad9f3 | Cognitive Services Custom Vision Contributor | Full access to the project, including the ability to view, create, edit, or delete projects. | 2020-05-09 14:57:51
add Role |
| 88424f51-ebe7-446f-bc41-7fa16989e96c | Cognitive Services Custom Vision Labeler | View, edit training images and create, add, remove, or delete the image tags. Labelers can view the project but can't update anything other than training images and tags. | 2020-05-09 14:57:51
add Role |
| 8f5e0ce6-4f7b-4dcf-bddf-e6f48634a204 | Azure Maps Data Contributor | Grants access to read, write, and delete access to map related data from an Azure maps account. | 2020-05-08 05:22:07
add Role |
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | Cognitive Services QnA Maker Editor | Let's you create, edit, import and export a KB. You cannot publish or delete a KB. | 2020-05-04 15:11:45
change DisplayName |
| 466ccd10-b268-4a11-b098-b4849f024126 | Cognitive Services QnA Maker Reader | Let's you read and test a KB only. | 2020-05-04 15:11:45
change DisplayName |
| 423170ca-a8f6-4b0f-8487-9e4eb8f49bfa | Azure Maps Data Reader | Grants access to read map related data from an Azure maps account. | 2020-04-29 16:42:26
change DisplayName |
| aefefa01-2a29-4197-83a8-2828f33ce315 | Tenant registration role | Service role used by RP's for tenant level registration | 2020-04-24 19:20:22
remove Role |
| 70ea1423-466c-4e7b-a2ee-f1206ef2072d | Experiment Contributor | Experiment Contributor | 2020-04-23 15:06:19
remove Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Reader | Experimentation Reader | 2020-04-23 15:06:19
change DisplayName |
| 4dd61c23-6743-42fe-a388-d8bdd41cb745 | Object Understanding Account Owner | Provides user with ingestion capabilities for Azure Object Understanding. | 2020-04-23 15:06:19
add Role |
| ed4b1625-bac7-4b49-8578-127fc3440d25 | Experiment Administrator | Experiment Administrator | 2020-04-23 15:06:19
remove Role |
| aefefa01-2a29-4197-83a8-2828f33ce315 | Tenant registration role | Service role used by RP's for tenant level registration | 2020-04-23 15:06:19
add Role |
| b879ac78-f1e6-448d-ab4c-5908cd5967c1 | VSOnline Virtual Network Service Role | This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network | 2020-03-28 01:22:25
remove Role |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experiment Operator | Experiment Operator | 2020-03-28 01:22:25
change DisplayName |
| 49632ef5-d9ac-41f4-b8e7-bbe587fa74a1 | Experimentation Operator | Experiment Operator | 2020-03-26 18:26:05
add Role |
| ed4b1625-bac7-4b49-8578-127fc3440d25 | Experiment Administrator | Experiment Administrator | 2020-03-26 18:26:05
add Role |
| 70ea1423-466c-4e7b-a2ee-f1206ef2072d | Experiment Contributor | Experiment Contributor | 2020-03-26 18:26:05
add Role |
| 5a1fc7df-4bf1-4951-a576-89034ee01acd | FHIR Data Contributor | Role allows user or principal full access to FHIR Data | 2020-03-18 07:39:13
add Role |
| 3db33094-8700-4567-8da5-1501d4e7e843 | FHIR Data Exporter | Role allows user or principal to read FHIR Data | 2020-03-18 07:39:13
add Role |
| 3f88fce4-5892-4214-ae73-ba5294559913 | FHIR Data Writer | Role allows user or principal to read and write FHIR Data | 2020-03-18 07:39:13
add Role |
| 4c8d0bbc-75d3-4935-991f-5f3c56d81508 | FHIR Data Reader | Role allows user or principal to read FHIR Data | 2020-03-18 07:39:13
add Role |
| 350f8d15-c687-4448-8ae1-157740a3936d | Hierarchy Settings Administrator | Allows users to edit and delete Hierarchy Settings | 2020-03-14 15:10:08
add Role |
| b879ac78-f1e6-448d-ab4c-5908cd5967c1 | VSOnline Virtual Network Service Role | This role will have access to customer's virtual networks, nics, and public ips. It used by VSOnline to deploy VMs into customer's virtual network | 2020-03-14 15:10:08
add Role |
| d57506d4-4c8d-48b1-8587-93c323f6a5a3 | Azure Digital Twins Reader (Preview) | Read-only role for Digital Twins data-plane properties | 2020-03-11 05:47:56
add Role |
| bcd981a7-7f74-457b-83e1-cceb9e632ffe | Azure Digital Twins Owner (Preview) | Full access role for Digital Twins data-plane | 2020-03-11 05:47:56
add Role |
| ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8 | Azure Kubernetes Service Contributor Role | Grants access to read and write Azure Kubernetes Service clusters | 2020-02-28 09:58:27
add Role |
| dd920d6d-f481-47f1-b461-f338c46b2d9f | Marketplace Admin | Administrator of marketplace resource provider | 2020-02-27 09:26:20
add Role |
| a41e2c5b-bd99-4a07-88f4-9bf657a760b8 | Integration Service Environment Contributor | Lets you manage integration service environments, but not access to them. | 2020-02-21 00:11:51
add Role |
| c7aa55d3-1abb-444a-a5ca-5e51e485d6ec | Integration Service Environment Developer | Allows developers to create and update workflows, integration accounts and API connections in integration service environments. | 2020-02-21 00:11:51
add Role |
| 4a9ae827-6dc8-4573-8ac7-8239d42aa03f | Tag Contributor | Lets you manage tags on entities, without providing access to the entities themselves. | 2020-02-19 09:00:33
add Role |
| 612c2aa1-cb24-443b-ac28-3ab7272de6f5 | Security Assessment Contributor | Lets you push assessments to Security Center | 2020-02-13 13:58:05
add Role |
| 34e09817-6cbe-4d01-b1a2-e0eac5743d41 | Kubernetes Cluster - Azure Arc Onboarding | Role definition to authorize any user/service to create connectedClusters resource | 2020-02-11 08:11:18
change DisplayName |
| 641177b8-a67a-45b9-a033-47bc880bb21e | Managed Application Contributor Role | Allows for creating managed application resources. | 2020-02-08 03:50:49
add Role |
| 0b072326-6884-49b7-a53d-ae6aa62260ff | MLC Service Role | This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service. | 2020-01-30 21:07:35
remove Role |
| 3df8b902-2a6f-47c7-8cc5-360e9b272a7e | Remote Rendering Administrator | Provides user with conversion, manage session, rendering and diagnostics capabilities for Azure Remote Rendering | 2020-01-24 05:21:10
add Role |
| d39065c4-c120-43c9-ab0a-63eed9795f0a | Remote Rendering Client | Provides user with manage session, rendering and diagnostics capabilities for Azure Remote Rendering. | 2020-01-24 05:21:10
add Role |
| 7f646f1b-fa08-80eb-a33b-edd6ce5c915c | Experimentation Administrator | Experimentation Administrator | 2019-12-19 07:49:46
add Role |
| 466ccd10-b268-4a11-b098-b4849f024126 | QnA Maker Reader | 2019-12-18 15:43:34
add Role |
|
| f4cc2bf9-21be-47a1-bdf1-5c5804381025 | QnA Maker Editor | 2019-12-18 15:43:34
add Role |
|
| 7f646f1b-fa08-80eb-a22b-edd6ce5c915c | Experimentation Contributor | Experimentation Contributor | 2019-12-17 15:43:46
add Role |
| 34e09817-6cbe-4d01-b1a2-e0eac5743d41 | Kubernetes Cluster - Azure Arc Onborading | Role definition to authorize any user/service to create connectedClusters resource | 2019-12-13 11:23:49
change DisplayName |
| 0b072326-6884-49b7-a53d-ae6aa62260ff | MLC Service Role | This role defines permissions for control plane actions by the Machine Learning Compute (MLC) service. | 2019-11-26 15:41:35
add Role |
| 36243c78-bf99-498c-9df9-86d9f8d28608 | Resource Policy Contributor | Users with rights to create/modify resource policy, create support ticket and read resources/hierarchy. | 2019-11-20 21:32:41
change DisplayName |
| 516239f1-63e1-4d78-a4de-a74fb236a071 | App Configuration Data Reader | Allows read access to App Configuration data. | 2019-10-26 02:15:31
add Role |
| 5ae67dd6-50cb-40e7-96ff-dc2bfa4b606b | App Configuration Data Owner | Allows full access to App Configuration data. | 2019-10-26 02:15:31
add Role |
| 91c1777a-f3dc-4fae-b103-61d183457e46 | Managed Services Registration assignment Delete Role | Managed Services Registration Assignment Delete Role allows the managing tenant users to delete the registration assignment assigned to their tenant. | 2019-10-24 02:15:32
add Role |
| cd570a14-e51a-42ad-bac8-bafd67325302 | Azure Connected Machine Resource Administrator | Can read, write, delete and re-onboard Azure Connected Machines. | 2019-10-24 02:15:32
add Role |
| 7f646f1b-fa07-40eb-a22b-edd6ce5c915c | Altretya test Service Role | Altretya test | 2019-10-24 02:15:32
remove Role |
| b64e21ea-ac4e-4cdf-9dc9-5b892992bee7 | Azure Connected Machine Onboarding | Can onboard Azure Connected Machines. | 2019-10-24 02:15:32
add Role |
| 7f646f1b-fa07-40eb-a22b-edd6ce5c915c | Altretya test Service Role | Altretya test | 2019-10-07 13:33:12
add Role |