AzRoleAdvertizer

last sync: 2024-Nov-25 18:54:42 UTC

Container Registry Contributor and Data Access Configuration Administrator

Azure BuiltIn RBAC Role definition

NameContainer Registry Contributor and Data Access Configuration Administrator
Id3bc748fc-213d-45c1-8d91-9da5725539b9
DescriptionProvides permissions to create, list, and update container registries and registry configuration properties. Provides permissions to configure data access such as admin user credentials, scope maps, and tokens, which can be used to read, write or delete repositories and images. Does not provide direct permissions to read, list, or write registry contents including repositories and images. Does not provide permissions to modify data plane content such as imports, Artifact Cache or Sync, and Transfer Pipelines. Does not provide permissions for managing Tasks.
CreatedOn2024-10-23 22:38:18 UTC
UpdatedOn2024-10-23 22:38:18 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2024-10-25 17:51:38 add: Role 3bc748fc-213d-45c1-8d91-9da5725539b9
Permissions summary Effective control plane and data plane operations: 89 (unique operations)
•action: 16
•delete: 9
•read: 52
•write: 12

Actions: 55
Resolved control plane operations from Actions: 89
Effective control plane operations: 89
•action: 16
•delete: 9
•read: 52
•write: 12

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16083

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3303
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.ContainerRegistry/locations/operationResults/readGets an async operation result
Microsoft.ContainerRegistry/registries/connectedRegistries/deactivate/actionDeactivates a connected registry for a container registry
Microsoft.ContainerRegistry/registries/connectedRegistries/deleteDeletes a connected registry from a container registry.
Microsoft.ContainerRegistry/registries/connectedRegistries/readGets the properties of the specified connected registry or lists all the connected registries for the specified container registry.
Microsoft.ContainerRegistry/registries/connectedRegistries/writeCreates or updates a connected registry for a container registry with the specified parameters.
Microsoft.ContainerRegistry/registries/deleteDeletes a container registry.
Microsoft.ContainerRegistry/registries/generateCredentials/actionGenerate keys for a token of a specified container registry.
Microsoft.ContainerRegistry/registries/listCredentials/actionLists the login credentials for the specified container registry.
Microsoft.ContainerRegistry/registries/operationStatuses/readGets a registry async operation status
Microsoft.ContainerRegistry/registries/privateEndpointConnections/deleteDeletes the private endpoint connection
Microsoft.ContainerRegistry/registries/privateEndpointConnections/operationStatuses/readGet Private Endpoint Connection Async Operation Status
Microsoft.ContainerRegistry/registries/privateEndpointConnections/readGets the properties of private endpoint connection or list all the private endpoint connections for the specified container registry
Microsoft.ContainerRegistry/registries/privateEndpointConnections/writeApproves/Rejects the private endpoint connection
Microsoft.ContainerRegistry/registries/privateEndpointConnectionsApproval/actionAuto Approves a Private Endpoint Connection
Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/readno description given
Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/diagnosticSettings/writeno description given
Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/logDefinitions/readno description given
Microsoft.ContainerRegistry/registries/providers/Microsoft.Insights/metricDefinitions/readno description given
Microsoft.ContainerRegistry/registries/readGets the properties of the specified container registry or lists all the container registries under the specified resource group or subscription.
Microsoft.ContainerRegistry/registries/regenerateCredential/actionRegenerates one of the login credentials for the specified container registry.
Microsoft.ContainerRegistry/registries/replications/deleteDeletes a replication from a container registry.
Microsoft.ContainerRegistry/registries/replications/operationStatuses/readGets a replication async operation status
Microsoft.ContainerRegistry/registries/replications/readGets the properties of the specified replication or lists all the replications for the specified container registry.
Microsoft.ContainerRegistry/registries/replications/writeCreates or updates a replication for a container registry with the specified parameters.
Microsoft.ContainerRegistry/registries/scopeMaps/deleteDeletes a scope map from a container registry.
Microsoft.ContainerRegistry/registries/scopeMaps/operationStatuses/readGets a scope map async operation status.
Microsoft.ContainerRegistry/registries/scopeMaps/readGets the properties of the specified scope map or lists all the scope maps for the specified container registry.
Microsoft.ContainerRegistry/registries/scopeMaps/writeCreates or updates a scope map for a container registry with the specified parameters.
Microsoft.ContainerRegistry/registries/tokens/deleteDeletes a token from a container registry.
Microsoft.ContainerRegistry/registries/tokens/operationStatuses/readGets a token async operation status.
Microsoft.ContainerRegistry/registries/tokens/readGets the properties of the specified token or lists all the tokens for the specified container registry.
Microsoft.ContainerRegistry/registries/tokens/writeCreates or updates a token for a container registry with the specified parameters.
Microsoft.ContainerRegistry/registries/webhooks/deleteDeletes a webhook from a container registry.
Microsoft.ContainerRegistry/registries/webhooks/getCallbackConfig/actionGets the configuration of service URI and custom headers for the webhook.
Microsoft.ContainerRegistry/registries/webhooks/listEvents/actionLists recent events for the specified webhook.
Microsoft.ContainerRegistry/registries/webhooks/operationStatuses/readGets a webhook async operation status
Microsoft.ContainerRegistry/registries/webhooks/ping/actionTriggers a ping event to be sent to the webhook.
Microsoft.ContainerRegistry/registries/webhooks/readGets the properties of the specified webhook or lists all the webhooks for the specified container registry.
Microsoft.ContainerRegistry/registries/webhooks/writeCreates or updates a webhook for a container registry with the specified parameters.
Microsoft.ContainerRegistry/registries/writeCreates or updates a container registry with the specified parameters.
Microsoft.Insights/AlertRules/Activated/ActionClassic metric alert activated
Microsoft.Insights/AlertRules/DeleteDelete a classic metric alert
Microsoft.Insights/AlertRules/Incidents/ReadRead a classic metric alert incident
Microsoft.Insights/AlertRules/ReadRead a classic metric alert
Microsoft.Insights/AlertRules/Resolved/ActionClassic metric alert resolved
Microsoft.Insights/AlertRules/Throttled/ActionClassic metric alert rule throttled
Microsoft.Insights/AlertRules/WriteCreate or update a classic metric alert
Microsoft.Network/privateEndpoints/privateLinkServiceProxies/writeno description given
Microsoft.Network/virtualNetworks/readGet the virtual network definition
Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/actionJoins resource such as storage account or SQL database to a subnet. Not alertable.
Microsoft.Network/virtualNetworks/subnets/readGets a virtual network subnet definition
Microsoft.Network/virtualNetworks/subnets/writeCreates a virtual network subnet or updates an existing virtual network subnet
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readRuft Ressourcengruppen ab oder listet diese auf.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2023-07-01-preview
Condition none