AzRoleAdvertizer

last sync: 2024-Nov-25 18:54:42 UTC

Azure Container Registry secure supply chain operator service role

Azure BuiltIn RBAC Role definition

NameAzure Container Registry secure supply chain operator service role
Id96062cf7-95ca-4f89-9b9d-2a2aa47356af
DescriptionGrants Microsoft Defender for Cloud access to Azure Container Registry for security assessment of container images
CreatedOn2023-01-19 15:58:15 UTC
UpdatedOn2024-06-12 15:19:54 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2024-06-12 18:18:58 add: Role 96062cf7-95ca-4f89-9b9d-2a2aa47356af
Permissions summary Effective control plane and data plane operations: 9 (unique operations)
•delete: 3
•read: 3
•write: 3

Actions: 3
Resolved control plane operations from Actions: 3
Effective control plane operations: 3
•delete: 1
•read: 1
•write: 1

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 16169

DataActions: 6
Resolved data plane operations: 6
Effective data plane operations: 6
•delete: 2
•read: 2
•write: 2

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3297
Actions
Operation Description
Microsoft.ContainerRegistry/registries/artifacts/deleteDelete artifact in a container registry.
Microsoft.ContainerRegistry/registries/pull/readPull or Get images from a container registry.
Microsoft.ContainerRegistry/registries/push/writePush or Write images to a container registry.
NotActions n/a
DataActions
Operation Description
Microsoft.ContainerRegistry/registries/repositories/content/deleteDelete artifact in a container registry.
Microsoft.ContainerRegistry/registries/repositories/content/readPull or Get images from a container registry.
Microsoft.ContainerRegistry/registries/repositories/content/writePush or Write images to a container registry.
Microsoft.ContainerRegistry/registries/repositories/metadata/deleteDelete the metadata of a repository for a container registry
Microsoft.ContainerRegistry/registries/repositories/metadata/readGets the metadata of a specific repository for a container registry
Microsoft.ContainerRegistry/registries/repositories/metadata/writeUpdates the metadata of a repository for a container registry
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2023-07-01-preview
Condition none