AzRoleAdvertizer

last sync: 2024-Sep-19 17:51:49 UTC

Azure Red Hat OpenShift Image Registry Operator Role

Azure BuiltIn RBAC Role definition

NameAzure Red Hat OpenShift Image Registry Operator Role
Id8b32b316-c2f5-4ddf-b05b-83dacd2d08b5
DescriptionEnables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.
CreatedOn2024-01-31 16:20:01 UTC
UpdatedOn2024-07-31 16:34:05 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2024-04-15 17:47:24 change: Actions, DataActions Actions: 'add Microsoft.Storage/storageAccounts/blobServices/read; add Microsoft.Storage/storageAccounts/blobServices/containers/read; add Microsoft.Storage/storageAccounts/blobServices/containers/write; add Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action; add Microsoft.Storage/storageAccounts/read; add Microsoft.Storage/storageAccounts/write; add Microsoft.Storage/storageAccounts/delete; add Microsoft.Storage/storageAccounts/listKeys/action; add Microsoft.Resources/tags/write',
DataActions: 'add Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete; add Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write; add Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read; add Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action; add Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action'
2024-01-31 19:57:40 add: Role 8b32b316-c2f5-4ddf-b05b-83dacd2d08b5
Permissions summary Effective control plane and data plane operations: 14 (unique operations)
•action: 4
•delete: 2
•read: 4
•write: 4

Actions: 9
Resolved control plane operations from Actions: 9
Effective control plane operations: 9
•action: 2
•delete: 1
•read: 3
•write: 3

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15786

DataActions: 5
Resolved data plane operations: 5
Effective data plane operations: 5
•action: 2
•delete: 1
•read: 1
•write: 1

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3254
Actions
Operation Description
Microsoft.Resources/tags/writeUpdates the tags on a resource by replacing or merging existing tags with a new set of tags, or removing existing tags.
Microsoft.Storage/storageAccounts/blobServices/containers/readReturns list of containers
Microsoft.Storage/storageAccounts/blobServices/containers/writeReturns the result of put blob container
Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/actionReturns a user delegation key for the blob service
Microsoft.Storage/storageAccounts/blobServices/readReturns blob service properties or statistics
Microsoft.Storage/storageAccounts/deleteDeletes an existing storage account.
Microsoft.Storage/storageAccounts/listKeys/actionReturns the access keys for the specified storage account.
Microsoft.Storage/storageAccounts/readReturns the list of storage accounts or gets the properties for the specified storage account.
Microsoft.Storage/storageAccounts/writeCreates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.
NotActions n/a
DataActions
Operation Description
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/actionReturns the result of adding blob content
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/deleteReturns the result of deleting a blob
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/actionMoves the blob from one path to another
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/readReturns a blob or a list of blobs
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/writeReturns the result of writing a blob
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2023-07-01-preview
Condition none