AzRoleAdvertizer

last sync: 2024-Sep-19 17:51:49 UTC

Domain Services Contributor

Azure BuiltIn RBAC Role definition

NameDomain Services Contributor
Ideeaeda52-9324-47f6-8069-5d5bade478b2
DescriptionCan manage Azure AD Domain Services and related network configurations
CreatedOn2022-02-15 19:40:22 UTC
UpdatedOn2022-06-27 19:30:44 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2022-06-27 16:32:39 change: Actions Actions: 'add Microsoft.Insights/Logs/Read; add Microsoft.Insights/Metrics/Read; add Microsoft.Insights/DiagnosticSettings/*; add Microsoft.Insights/DiagnosticSettingsCategories/Read'
2022-06-22 16:32:37 change: Actions Actions: 'remove Microsoft.AAD/domainServices/read; remove Microsoft.AAD/domainServices/write; remove Microsoft.AAD/domainServices/delete; remove Microsoft.AAD/domainServices/providers/Microsoft.Insights/diagnosticSettings/read; remove Microsoft.AAD/domainServices/providers/Microsoft.Insights/diagnosticSettings/write; remove Microsoft.AAD/domainServices/providers/Microsoft.Insights/logDefinitions/read; remove Microsoft.AAD/domainServices/oucontainer/read; remove Microsoft.AAD/domainServices/oucontainer/write; remove Microsoft.AAD/domainServices/oucontainer/delete; add Microsoft.AAD/domainServices/*'
2022-02-23 18:03:00 add: Role eeaeda52-9324-47f6-8069-5d5bade478b2
Permissions summary Effective control plane and data plane operations: 120 (unique operations)
•action: 21
•delete: 14
•read: 71
•write: 14

Actions: 69
Resolved control plane operations from Actions: 120
Effective control plane operations: 120
•action: 21
•delete: 14
•read: 71
•write: 14

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15675

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3259
Actions
Operation Description
Microsoft.AAD/domainServices/*wildcarded / no description
Microsoft.AAD/register/actionRegister Domain Service
Microsoft.AAD/unregister/actionUnregister Domain Service
Microsoft.Authorization/*/readwildcarded / no description
Microsoft.Insights/AlertRules/Activated/ActionClassic metric alert activated
Microsoft.Insights/AlertRules/DeleteDelete a classic metric alert
Microsoft.Insights/AlertRules/Incidents/ReadRead a classic metric alert incident
Microsoft.Insights/AlertRules/ReadRead a classic metric alert
Microsoft.Insights/AlertRules/Resolved/ActionClassic metric alert resolved
Microsoft.Insights/AlertRules/Throttled/ActionClassic metric alert rule throttled
Microsoft.Insights/AlertRules/WriteCreate or update a classic metric alert
Microsoft.Insights/DiagnosticSettings/*wildcarded / no description
Microsoft.Insights/DiagnosticSettingsCategories/ReadRead diagnostic settings categories
Microsoft.Insights/Logs/ReadReading data from all your logs
Microsoft.Insights/Metrics/ReadRead metrics
Microsoft.Network/azureFirewalls/readGet Azure Firewall
Microsoft.Network/ddosProtectionPlans/join/actionJoins a DDoS Protection Plan. Not alertable.
Microsoft.Network/ddosProtectionPlans/readGets a DDoS Protection Plan
Microsoft.Network/loadBalancers/*/readwildcarded / no description
Microsoft.Network/loadBalancers/backendAddressPools/join/actionJoins a load balancer backend address pool. Not Alertable.
Microsoft.Network/loadBalancers/deleteDeletes a load balancer
Microsoft.Network/loadBalancers/inboundNatRules/join/actionJoins a load balancer inbound nat rule. Not Alertable.
Microsoft.Network/loadBalancers/readGets a load balancer definition
Microsoft.Network/natGateways/join/actionJoins a NAT Gateway
Microsoft.Network/networkInterfaces/deleteDeletes a network interface
Microsoft.Network/networkInterfaces/join/actionJoins a Virtual Machine to a network interface. Not Alertable.
Microsoft.Network/networkInterfaces/readGets a network interface definition.
Microsoft.Network/networkInterfaces/writeCreates a network interface or updates an existing network interface.
Microsoft.Network/networkSecurityGroups/defaultSecurityRules/readGets a default security rule definition
Microsoft.Network/networkSecurityGroups/deleteDeletes a network security group
Microsoft.Network/networkSecurityGroups/join/actionJoins a network security group. Not Alertable.
Microsoft.Network/networkSecurityGroups/readGets a network security group definition
Microsoft.Network/networkSecurityGroups/securityRules/deleteDeletes a security rule
Microsoft.Network/networkSecurityGroups/securityRules/readGets a security rule definition
Microsoft.Network/networkSecurityGroups/securityRules/writeCreates a security rule or updates an existing security rule
Microsoft.Network/networkSecurityGroups/writeCreates a network security group or updates an existing network security group
Microsoft.Network/register/actionRegisters the subscription
Microsoft.Network/routeTables/deleteDeletes a route table definition
Microsoft.Network/routeTables/join/actionJoins a route table. Not Alertable.
Microsoft.Network/routeTables/readGets a route table definition
Microsoft.Network/routeTables/routes/deleteDeletes a route definition
Microsoft.Network/routeTables/routes/readGets a route definition
Microsoft.Network/routeTables/routes/writeCreates a route or Updates an existing route
Microsoft.Network/routeTables/writeCreates a route table or Updates an existing rotue table
Microsoft.Network/unregister/actionUnregisters the subscription
Microsoft.Network/virtualNetworks/deleteDeletes a virtual network
Microsoft.Network/virtualNetworks/join/actionJoins a virtual network. Not Alertable.
Microsoft.Network/virtualNetworks/peer/actionPeers a virtual network with another virtual network
Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/diagnosticSettings/readno description given
Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/readno description given
Microsoft.Network/virtualNetworks/readGet the virtual network definition
Microsoft.Network/virtualNetworks/subnets/deleteDeletes a virtual network subnet
Microsoft.Network/virtualNetworks/subnets/join/actionJoins a virtual network. Not Alertable.
Microsoft.Network/virtualNetworks/subnets/readGets a virtual network subnet definition
Microsoft.Network/virtualNetworks/subnets/writeCreates a virtual network subnet or updates an existing virtual network subnet
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/deleteDeletes a virtual network peering
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/readGets a virtual network peering definition
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/writeCreates a virtual network peering or updates an existing virtual network peering
Microsoft.Network/virtualNetworks/writeCreates a virtual network or updates an existing virtual network
Microsoft.Resources/deployments/cancel/actionCancels a deployment.
Microsoft.Resources/deployments/deleteDeletes a deployment.
Microsoft.Resources/deployments/exportTemplate/actionExport template for a deployment
Microsoft.Resources/deployments/operations/readGets or lists deployment operations.
Microsoft.Resources/deployments/operationstatuses/readGets or lists deployment operation statuses.
Microsoft.Resources/deployments/readGets or lists deployments.
Microsoft.Resources/deployments/validate/actionValidates an deployment.
Microsoft.Resources/deployments/whatIf/actionPredicts template deployment changes.
Microsoft.Resources/deployments/writeCreates or updates an deployment.
Microsoft.Resources/subscriptions/resourceGroups/readGets or lists resource groups.
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy		 none
JSON
api-version=2023-07-01-preview
Condition none