AzRoleAdvertizer

last sync: 2024-Sep-19 17:51:49 UTC

LocalNGFirewallAdministrator role

Azure BuiltIn RBAC Role definition

NameLocalNGFirewallAdministrator role
Ida8835c7d-b5cb-47fa-b6f0-65ea10ce07a2
DescriptionAllows user to create, modify, describe, or delete NGFirewalls.
CreatedOn2023-02-06 16:01:22 UTC
UpdatedOn2023-03-14 15:28:19 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2023-03-14 18:45:47 change: Actions Actions: 'add Microsoft.OperationalInsights/workspaces/write; add Microsoft.OperationalInsights/workspaces/sharedKeys/read; add Microsoft.OperationalInsights/workspaces/read; add Microsoft.Network/virtualNetworks/read; add Microsoft.Network/virtualNetworks/subnets/join/action; add Microsoft.Network/publicIPAddresses/write; add Microsoft.Network/publicIPAddresses/read; add Microsoft.Network/publicIPAddresses/join/action; add Microsoft.Network/networkVirtualAppliances/read; add Microsoft.Network/networkVirtualAppliances/write; add Microsoft.Network/networkVirtualAppliances/delete; add Microsoft.Network/virtualHubs/read; add Microsoft.Network/virtualWans/read; add Microsoft.Network/virtualWans/virtualHubs/read; add Microsoft.Network/networkSecurityGroups/read; add Microsoft.Network/networkSecurityGroups/join/action'
2023-02-22 18:54:52 change: Actions Actions: 'add Microsoft.Insights/metrics/read; add Microsoft.Insights/metricDefinitions/read; add Microsoft.Support/*'
2023-02-13 18:41:36 add: Role a8835c7d-b5cb-47fa-b6f0-65ea10ce07a2
Permissions summary Effective control plane and data plane operations: 83 (unique operations)
•: 1
•Action: 16
•Delete: 4
•read: 55
•Write: 7

Actions: 28
Resolved control plane operations from Actions: 83
Effective control plane operations: 83
•: 1
•Action: 16
•Delete: 4
•read: 55
•Write: 7

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15712

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3259
Actions
Operation Description
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/alertRules/*wildcarded / no description
Microsoft.Insights/metricDefinitions/readRead metric definitions
Microsoft.Insights/metrics/readRead metrics
Microsoft.Network/networkSecurityGroups/join/actionJoins a network security group. Not Alertable.
Microsoft.Network/networkSecurityGroups/readGets a network security group definition
Microsoft.Network/networkVirtualAppliances/deleteDelete a Network Virtual Appliance
Microsoft.Network/networkVirtualAppliances/readGet a Network Virtual Appliance
Microsoft.Network/networkVirtualAppliances/writeCreate or update a Network Virtual Appliance
Microsoft.Network/publicIPAddresses/join/actionJoins a public ip address. Not Alertable.
Microsoft.Network/publicIPAddresses/readGets a public ip address definition.
Microsoft.Network/publicIPAddresses/writeCreates a public Ip address or updates an existing public Ip address.
Microsoft.Network/virtualHubs/readGet a Virtual Hub
Microsoft.Network/virtualNetworks/readGet the virtual network definition
Microsoft.Network/virtualNetworks/subnets/join/actionJoins a virtual network. Not Alertable.
Microsoft.Network/virtualWans/readGet a Virtual Wan
Microsoft.Network/virtualWans/virtualHubs/readGets all Virtual Hubs that reference a Virtual Wan.
Microsoft.OperationalInsights/workspaces/readGets an existing workspace
Microsoft.OperationalInsights/workspaces/sharedKeys/readRetrieves the shared keys for the workspace. These keys are used to connect Microsoft Operational Insights agents to the workspace.
Microsoft.OperationalInsights/workspaces/writeCreates a new workspace or links to an existing workspace by providing the customer id from the existing workspace.
Microsoft.ResourceHealth/availabilityStatuses/readGets the availability statuses for all resources in the specified scope
Microsoft.Resources/deployments/*wildcarded / no description
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
Microsoft.Support/*wildcarded / no description
PaloAltoNetworks.Cloudngfw/firewalls/*wildcarded / no description
PaloAltoNetworks.Cloudngfw/globalRulestacks/readno description given
PaloAltoNetworks.Cloudngfw/localRulestacks/readno description given
PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/readno description given
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2023-07-01-preview
Condition none