From 678cfae819653008a917d58c7c1217c7952bc19d Mon Sep 17 00:00:00 2001 From: "Ian Mckay [bot]" Date: Thu, 19 Sep 2024 14:02:47 +0000 Subject: [PATCH] Update SAR data --- aws/historic_counts.json | 8 + aws/iam_definition.json | 108 +- aws/managed_policies.json | 59 + .../AWSDirectoryServiceDataFullAccess.json | 131 + ...AWSDirectoryServiceDataReadOnlyAccess.json | 86 + aws/managedpolicies/AWSIoTFullAccess.json | 30 + aws/managedpolicies/AdministratorAccess.json | 50 + aws/managedpolicies/PowerUserAccess.json | 50 + aws/managedpolicies/ReadOnlyAccess.json | 10 + aws/managedpolicies/SecurityAudit.json | 10 + aws/managedpolicies/SupportUser.json | 10 + aws/managedpolicies/ViewOnlyAccess.json | 10 + azure/api.json | 88 +- azure/built-in-roles-raw.json | 1910 +- azure/built-in-roles.json | 25226 ++++++++-------- azure/map.json | 10 + azure/provider-operations.json | 24 + gcp/map.json | 52 +- gcp/predefined_roles.json | 64 +- gcp/role_permissions.json | 240 +- gcp/roles/apigee.deploymentInvoker.json | 2 +- ...icompanion.codeRepositoryIndexesAdmin.json | 2 +- ...companion.codeRepositoryIndexesViewer.json | 2 +- ...cloudaicompanion.repositoryGroupsUser.json | 2 +- gcp/roles/cloudaicompanion.user.json | 4 +- gcp/roles/cloudkms.autokeyUser.json | 1 + gcp/roles/cloudtrace.admin.json | 1 + gcp/roles/cloudtrace.user.json | 1 + gcp/roles/datacatalog.glossaryOwner.json | 3 +- gcp/roles/datacatalog.glossaryUser.json | 3 +- gcp/roles/dialogflow.serviceAgent.json | 4 + gcp/roles/firebase.developViewer.json | 2 + gcp/roles/firebase.growthAdmin.json | 2 + gcp/roles/firebase.growthViewer.json | 2 + gcp/roles/firebase.qualityAdmin.json | 2 + gcp/roles/firebase.qualityViewer.json | 2 + gcp/roles/firebase.viewer.json | 2 + gcp/roles/managedkafka.serviceAgent.json | 1 + gcp/roles/metastore.serviceAgent.json | 1 + gcp/roles/run.serviceAgent.json | 2 - gcp/roles/seclm.serviceAgent.json | 7 +- gcp/roles/serverless.serviceAgent.json | 2 - gcp/tags.json | 202 +- util/aws_js/iam_definition.json | 108 +- 44 files changed, 14436 insertions(+), 14100 deletions(-) create mode 100644 aws/managedpolicies/AWSDirectoryServiceDataFullAccess.json create mode 100644 aws/managedpolicies/AWSDirectoryServiceDataReadOnlyAccess.json diff --git a/aws/historic_counts.json b/aws/historic_counts.json index 42d408de1..8da26e442 100644 --- a/aws/historic_counts.json +++ b/aws/historic_counts.json @@ -6279,6 +6279,10 @@ { "count": 15536, "date": "2024-09-18T13:54:00" + }, + { + "count": 15536, + "date": "2024-09-19T14:02:43" } ], "iam": [ @@ -11153,6 +11157,10 @@ { "count": 17172, "date": "2024-09-18T13:54:00" + }, + { + "count": 17177, + "date": "2024-09-19T14:02:43" } ] } \ No newline at end of file diff --git a/aws/iam_definition.json b/aws/iam_definition.json index 4db00ca76..a40e1df76 100644 --- a/aws/iam_definition.json +++ b/aws/iam_definition.json @@ -4202,7 +4202,9 @@ "resource_types": [ { "condition_keys": [], - "dependent_actions": [], + "dependent_actions": [ + "s3:ListAllMyBuckets" + ], "resource_type": "" } ] @@ -147413,6 +147415,20 @@ } ] }, + { + "access_level": "Write", + "description": "Grants permission to associate SBOM files to a package version", + "privilege": "AssociateSbomWithPackageVersion", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [ + "iot:GetIndexingConfiguration" + ], + "resource_type": "packageversion*" + } + ] + }, { "access_level": "Write", "description": "Grants permission to associate a group with a continuous job", @@ -147987,7 +148003,8 @@ { "condition_keys": [], "dependent_actions": [ - "iot:GetIndexingConfiguration" + "iot:GetIndexingConfiguration", + "s3:GetObjectVersion" ], "resource_type": "package*" }, @@ -149222,6 +149239,18 @@ } ] }, + { + "access_level": "Write", + "description": "Grants permission to disassociate SBOM files from a package version", + "privilege": "DisassociateSbomFromPackageVersion", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "packageversion*" + } + ] + }, { "access_level": "Write", "description": "Grants permission to enable the specified rule", @@ -150000,6 +150029,18 @@ } ] }, + { + "access_level": "List", + "description": "Grants permission to list SBOM validation results of a package version", + "privilege": "ListSbomValidationResults", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "packageversion*" + } + ] + }, { "access_level": "List", "description": "Grants permission to list all of your scheduled audits", @@ -151248,7 +151289,8 @@ { "condition_keys": [], "dependent_actions": [ - "iot:GetIndexingConfiguration" + "iot:GetIndexingConfiguration", + "s3:GetObjectVersion" ], "resource_type": "package*" }, @@ -240465,6 +240507,16 @@ "condition": "s3express:x-amz-content-sha256", "description": "Filters access by unsigned content in your bucket", "type": "String" + }, + { + "condition": "s3express:x-amz-server-side-encryption", + "description": "Filters access by server-side encryption", + "type": "String" + }, + { + "condition": "s3express:x-amz-server-side-encryption-aws-kms-key-id", + "description": "Filters access by AWS KMS customer managed key for server-side encryption", + "type": "ARN" } ], "prefix": "s3express", @@ -240486,7 +240538,9 @@ "s3express:ResourceAccount", "s3express:signatureversion", "s3express:TlsVersion", - "s3express:x-amz-content-sha256" + "s3express:x-amz-content-sha256", + "s3express:x-amz-server-side-encryption", + "s3express:x-amz-server-side-encryption-aws-kms-key-id" ], "dependent_actions": [], "resource_type": "" @@ -240587,6 +240641,29 @@ } ] }, + { + "access_level": "Read", + "description": "Grants permission to return the default encryption configuration for a directory bucket", + "privilege": "GetEncryptionConfiguration", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "bucket*" + }, + { + "condition_keys": [ + "s3express:authType", + "s3express:ResourceAccount", + "s3express:signatureversion", + "s3express:TlsVersion", + "s3express:x-amz-content-sha256" + ], + "dependent_actions": [], + "resource_type": "" + } + ] + }, { "access_level": "List", "description": "Grants permission to list all directory buckets owned by the authenticated sender of the request", @@ -240627,6 +240704,29 @@ "resource_type": "" } ] + }, + { + "access_level": "Write", + "description": "Grants permission to set the encryption configuration for a directory bucket", + "privilege": "PutEncryptionConfiguration", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "bucket*" + }, + { + "condition_keys": [ + "s3express:authType", + "s3express:ResourceAccount", + "s3express:signatureversion", + "s3express:TlsVersion", + "s3express:x-amz-content-sha256" + ], + "dependent_actions": [], + "resource_type": "" + } + ] } ], "resources": [ diff --git a/aws/managed_policies.json b/aws/managed_policies.json index c2e5c7068..c5d0ab84d 100644 --- a/aws/managed_policies.json +++ b/aws/managed_policies.json @@ -9469,6 +9469,7 @@ "iot:AcceptCertificateTransfer", "iot:AddThingToBillingGroup", "iot:AddThingToThingGroup", + "iot:AssociateSbomWithPackageVersion", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", @@ -9591,6 +9592,7 @@ "iot:DetachSecurityProfile", "iot:DetachThingPrincipal", "iot:DisableTopicRule", + "iot:DisassociateSbomFromPackageVersion", "iot:EnableTopicRule", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", @@ -9655,6 +9657,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", @@ -15021,8 +15024,10 @@ "s3express:DeleteBucket", "s3express:DeleteBucketPolicy", "s3express:GetBucketPolicy", + "s3express:GetEncryptionConfiguration", "s3express:ListAllMyDirectoryBuckets", "s3express:PutBucketPolicy", + "s3express:PutEncryptionConfiguration", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", @@ -22653,6 +22658,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", @@ -31295,6 +31301,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", @@ -70023,6 +70030,7 @@ "iot:AcceptCertificateTransfer", "iot:AddThingToBillingGroup", "iot:AddThingToThingGroup", + "iot:AssociateSbomWithPackageVersion", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", @@ -70145,6 +70153,7 @@ "iot:DetachSecurityProfile", "iot:DetachThingPrincipal", "iot:DisableTopicRule", + "iot:DisassociateSbomFromPackageVersion", "iot:EnableTopicRule", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", @@ -70209,6 +70218,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", @@ -75520,8 +75530,10 @@ "s3express:DeleteBucket", "s3express:DeleteBucketPolicy", "s3express:GetBucketPolicy", + "s3express:GetEncryptionConfiguration", "s3express:ListAllMyDirectoryBuckets", "s3express:PutBucketPolicy", + "s3express:PutEncryptionConfiguration", "sagemaker:AddAssociation", "sagemaker:AddTags", "sagemaker:AssociateTrialComponent", @@ -84732,6 +84744,7 @@ "iot:AcceptCertificateTransfer", "iot:AddThingToBillingGroup", "iot:AddThingToThingGroup", + "iot:AssociateSbomWithPackageVersion", "iot:AssociateTargetsWithJob", "iot:AttachPolicy", "iot:AttachPrincipalPolicy", @@ -84854,6 +84867,7 @@ "iot:DetachSecurityProfile", "iot:DetachThingPrincipal", "iot:DisableTopicRule", + "iot:DisassociateSbomFromPackageVersion", "iot:EnableTopicRule", "iot:GetBehaviorModelTrainingSummaries", "iot:GetBucketsAggregation", @@ -84918,6 +84932,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", @@ -90146,6 +90161,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", @@ -104537,6 +104553,27 @@ "updatedate": "2021-09-29T14:43:09+00:00", "version": "v1" }, + { + "access_levels": [ + "Permissions management" + ], + "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceDataFullAccess", + "createdate": "2024-09-18T21:45:17Z", + "credentials_exposure": false, + "data_access": false, + "deprecated": false, + "effective_action_names": [ + "ds:AccessDSData" + ], + "malformed": false, + "name": "AWSDirectoryServiceDataFullAccess", + "privesc": false, + "resource_exposure": false, + "undocumented_actions": false, + "unknown_actions": true, + "updatedate": "2024-09-18T21:45:17+00:00", + "version": "v1" + }, { "access_levels": [ "List", @@ -122167,6 +122204,27 @@ "updatedate": "2015-02-06T18:40:43+00:00", "version": "v1" }, + { + "access_levels": [ + "Permissions management" + ], + "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceDataReadOnlyAccess", + "createdate": "2024-09-18T22:00:34Z", + "credentials_exposure": false, + "data_access": false, + "deprecated": false, + "effective_action_names": [ + "ds:AccessDSData" + ], + "malformed": false, + "name": "AWSDirectoryServiceDataReadOnlyAccess", + "privesc": false, + "resource_exposure": false, + "undocumented_actions": false, + "unknown_actions": true, + "updatedate": "2024-09-18T22:00:34+00:00", + "version": "v1" + }, { "access_levels": [ "List", @@ -133961,6 +134019,7 @@ "iot:ListRelatedResourcesForAuditFinding", "iot:ListRetainedMessages", "iot:ListRoleAliases", + "iot:ListSbomValidationResults", "iot:ListScheduledAudits", "iot:ListSecurityProfiles", "iot:ListSecurityProfilesForTarget", diff --git a/aws/managedpolicies/AWSDirectoryServiceDataFullAccess.json b/aws/managedpolicies/AWSDirectoryServiceDataFullAccess.json new file mode 100644 index 000000000..55833ba5d --- /dev/null +++ b/aws/managedpolicies/AWSDirectoryServiceDataFullAccess.json @@ -0,0 +1,131 @@ +{ + "access_levels": [ + "Permissions management" + ], + "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceDataFullAccess", + "createdate": "2024-09-18T21:45:17Z", + "credentials_exposure": false, + "data_access": false, + "deprecated": false, + "document": { + "Statement": [ + { + "Action": [ + "ds:AccessDSData", + "ds-data:AddGroupMember", + "ds-data:CreateGroup", + "ds-data:CreateUser", + "ds-data:DeleteGroup", + "ds-data:DeleteUser", + "ds-data:DescribeGroup", + "ds-data:DescribeUser", + "ds-data:DisableUser", + "ds-data:ListGroupMembers", + "ds-data:ListGroups", + "ds-data:ListGroupsForMember", + "ds-data:ListUsers", + "ds-data:RemoveGroupMember", + "ds-data:SearchGroups", + "ds-data:SearchUsers", + "ds-data:UpdateGroup", + "ds-data:UpdateUser" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:ds:*:*:directory/*" + ], + "Sid": "DSDataFullAccess" + } + ], + "Version": "2012-10-17" + }, + "effective_actions": [ + { + "access_level": "Permissions management", + "action": "ds:AccessDSData", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "ds:AccessDSData", + "privesc": false, + "resource_exposure": false + } + ], + "malformed": false, + "name": "AWSDirectoryServiceDataFullAccess", + "privesc": false, + "resource_exposure": false, + "undocumented_actions": false, + "unknown_actions": [ + { + "action": "ds-data:AddGroupMember", + "condition": null + }, + { + "action": "ds-data:CreateGroup", + "condition": null + }, + { + "action": "ds-data:CreateUser", + "condition": null + }, + { + "action": "ds-data:DeleteGroup", + "condition": null + }, + { + "action": "ds-data:DeleteUser", + "condition": null + }, + { + "action": "ds-data:DescribeGroup", + "condition": null + }, + { + "action": "ds-data:DescribeUser", + "condition": null + }, + { + "action": "ds-data:DisableUser", + "condition": null + }, + { + "action": "ds-data:ListGroupMembers", + "condition": null + }, + { + "action": "ds-data:ListGroups", + "condition": null + }, + { + "action": "ds-data:ListGroupsForMember", + "condition": null + }, + { + "action": "ds-data:ListUsers", + "condition": null + }, + { + "action": "ds-data:RemoveGroupMember", + "condition": null + }, + { + "action": "ds-data:SearchGroups", + "condition": null + }, + { + "action": "ds-data:SearchUsers", + "condition": null + }, + { + "action": "ds-data:UpdateGroup", + "condition": null + }, + { + "action": "ds-data:UpdateUser", + "condition": null + } + ], + "updatedate": "2024-09-18T21:45:17+00:00", + "version": "v1" +} \ No newline at end of file diff --git a/aws/managedpolicies/AWSDirectoryServiceDataReadOnlyAccess.json b/aws/managedpolicies/AWSDirectoryServiceDataReadOnlyAccess.json new file mode 100644 index 000000000..9f58ff68d --- /dev/null +++ b/aws/managedpolicies/AWSDirectoryServiceDataReadOnlyAccess.json @@ -0,0 +1,86 @@ +{ + "access_levels": [ + "Permissions management" + ], + "arn": "arn:aws:iam::aws:policy/AWSDirectoryServiceDataReadOnlyAccess", + "createdate": "2024-09-18T22:00:34Z", + "credentials_exposure": false, + "data_access": false, + "deprecated": false, + "document": { + "Statement": [ + { + "Action": [ + "ds:AccessDSData", + "ds-data:DescribeGroup", + "ds-data:DescribeUser", + "ds-data:ListGroupMembers", + "ds-data:ListGroups", + "ds-data:ListGroupsForMember", + "ds-data:ListUsers", + "ds-data:SearchGroups", + "ds-data:SearchUsers" + ], + "Effect": "Allow", + "Resource": [ + "arn:aws:ds:*:*:directory/*" + ], + "Sid": "DSDataReadOnlyAccess" + } + ], + "Version": "2012-10-17" + }, + "effective_actions": [ + { + "access_level": "Permissions management", + "action": "ds:AccessDSData", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "ds:AccessDSData", + "privesc": false, + "resource_exposure": false + } + ], + "malformed": false, + "name": "AWSDirectoryServiceDataReadOnlyAccess", + "privesc": false, + "resource_exposure": false, + "undocumented_actions": false, + "unknown_actions": [ + { + "action": "ds-data:DescribeGroup", + "condition": null + }, + { + "action": "ds-data:DescribeUser", + "condition": null + }, + { + "action": "ds-data:ListGroupMembers", + "condition": null + }, + { + "action": "ds-data:ListGroups", + "condition": null + }, + { + "action": "ds-data:ListGroupsForMember", + "condition": null + }, + { + "action": "ds-data:ListUsers", + "condition": null + }, + { + "action": "ds-data:SearchGroups", + "condition": null + }, + { + "action": "ds-data:SearchUsers", + "condition": null + } + ], + "updatedate": "2024-09-18T22:00:34+00:00", + "version": "v1" +} \ No newline at end of file diff --git a/aws/managedpolicies/AWSIoTFullAccess.json b/aws/managedpolicies/AWSIoTFullAccess.json index a9e78f948..2e6ff7210 100644 --- a/aws/managedpolicies/AWSIoTFullAccess.json +++ b/aws/managedpolicies/AWSIoTFullAccess.json @@ -55,6 +55,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "iot:*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:AssociateSbomWithPackageVersion", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "iot:*", @@ -1275,6 +1285,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "iot:*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:DisassociateSbomFromPackageVersion", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "iot:*", @@ -1915,6 +1935,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "iot:*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "iot:*", diff --git a/aws/managedpolicies/AdministratorAccess.json b/aws/managedpolicies/AdministratorAccess.json index 383f87eca..9cdf65a38 100644 --- a/aws/managedpolicies/AdministratorAccess.json +++ b/aws/managedpolicies/AdministratorAccess.json @@ -82825,6 +82825,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:AssociateSbomWithPackageVersion", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "*", @@ -84045,6 +84055,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:DisassociateSbomFromPackageVersion", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "*", @@ -84685,6 +84705,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "*", @@ -138345,6 +138375,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Read", + "action": "*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "s3express:GetEncryptionConfiguration", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "*", @@ -138365,6 +138405,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "s3express:PutEncryptionConfiguration", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "*", diff --git a/aws/managedpolicies/PowerUserAccess.json b/aws/managedpolicies/PowerUserAccess.json index 503a2890a..59d14e13a 100644 --- a/aws/managedpolicies/PowerUserAccess.json +++ b/aws/managedpolicies/PowerUserAccess.json @@ -80970,6 +80970,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "NotAction", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:AssociateSbomWithPackageVersion", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "NotAction", @@ -82190,6 +82200,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "NotAction", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:DisassociateSbomFromPackageVersion", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "NotAction", @@ -82830,6 +82850,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "NotAction", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "NotAction", @@ -135940,6 +135970,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Read", + "action": "NotAction", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "s3express:GetEncryptionConfiguration", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "NotAction", @@ -135960,6 +136000,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "Write", + "action": "NotAction", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "s3express:PutEncryptionConfiguration", + "privesc": false, + "resource_exposure": false + }, { "access_level": "Write", "action": "NotAction", diff --git a/aws/managedpolicies/ReadOnlyAccess.json b/aws/managedpolicies/ReadOnlyAccess.json index ffece32d4..16ebb93e7 100644 --- a/aws/managedpolicies/ReadOnlyAccess.json +++ b/aws/managedpolicies/ReadOnlyAccess.json @@ -30958,6 +30958,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "iot:List*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "iot:List*", diff --git a/aws/managedpolicies/SecurityAudit.json b/aws/managedpolicies/SecurityAudit.json index f817ef267..81ddd191b 100644 --- a/aws/managedpolicies/SecurityAudit.json +++ b/aws/managedpolicies/SecurityAudit.json @@ -13452,6 +13452,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "iot:List*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "iot:List*", diff --git a/aws/managedpolicies/SupportUser.json b/aws/managedpolicies/SupportUser.json index b2eaae8d9..c001b58d4 100644 --- a/aws/managedpolicies/SupportUser.json +++ b/aws/managedpolicies/SupportUser.json @@ -10401,6 +10401,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "iot:List*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "iot:List*", diff --git a/aws/managedpolicies/ViewOnlyAccess.json b/aws/managedpolicies/ViewOnlyAccess.json index cce1a91c1..4612b47ad 100644 --- a/aws/managedpolicies/ViewOnlyAccess.json +++ b/aws/managedpolicies/ViewOnlyAccess.json @@ -7448,6 +7448,16 @@ "privesc": false, "resource_exposure": false }, + { + "access_level": "List", + "action": "iot:List*", + "condition": null, + "credentials_exposure": false, + "data_access": false, + "effective_action": "iot:ListSbomValidationResults", + "privesc": false, + "resource_exposure": false + }, { "access_level": "List", "action": "iot:List*", diff --git a/azure/api.json b/azure/api.json index 24a4c243f..65ac24b8a 100644 --- a/azure/api.json +++ b/azure/api.json @@ -63603,7 +63603,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/administrators/{administratorName}": { @@ -63776,7 +63777,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/providers/Microsoft.DBforMySQL/locations/{locationName}/capabilities": { @@ -63968,7 +63970,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}": { @@ -63985,7 +63988,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/administrators": { @@ -64017,7 +64021,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/advancedThreatProtectionSettings/{advancedThreatProtectionName}": { @@ -64027,7 +64032,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/backups": { @@ -64227,7 +64233,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/servers": { @@ -64555,7 +64562,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/advancedThreatProtectionSettings/{advancedThreatProtectionName}": { @@ -64565,7 +64573,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/configurations/{configurationName}": { @@ -64738,14 +64747,16 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/detachVNet": { "description": "Detach VNet on a server.", "operationId": "Servers_DetachVNet", "versions": [ - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/failover": { @@ -64762,7 +64773,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/resetGtid": { @@ -64775,7 +64787,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/restart": { @@ -64792,7 +64805,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/start": { @@ -64809,7 +64823,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/stop": { @@ -64826,7 +64841,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/updateConfigurations": { @@ -64859,7 +64875,8 @@ "versions": [ "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/servers/{serverName}/advisors/{advisorName}/createRecommendedActionSession": { @@ -64963,7 +64980,8 @@ "2023-10-01-preview", "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/administrators/{administratorName}": { @@ -64983,7 +65001,8 @@ "versions": [ "2023-12-01-preview", "2023-12-30", - "2024-02-01-preview" + "2024-02-01-preview", + "2024-06-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/flexibleServers/{serverName}/backups/{backupName}": { @@ -133354,7 +133373,8 @@ "description": "Delete a pipeline group instance.", "operationId": "PipelineGroups_Delete", "versions": [ - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] } }, @@ -133365,7 +133385,8 @@ "versions": [ "2021-06-03-preview", "2023-04-03", - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] }, "/subscriptions/{subscriptionId}/providers/Microsoft.Monitor/accounts": { @@ -133381,7 +133402,8 @@ "description": "Lists all workspaces in the specified subscription", "operationId": "PipelineGroups_ListBySubscription", "versions": [ - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Monitor/accounts": { @@ -133406,14 +133428,16 @@ "description": "Lists all workspaces in the specified resource group", "operationId": "PipelineGroups_ListByResourceGroup", "versions": [ - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Monitor/pipelineGroups/{pipelineGroupName}": { "description": "Returns the specific pipeline group instance.", "operationId": "PipelineGroups_Get", "versions": [ - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] } }, @@ -133431,7 +133455,8 @@ "description": "Updates a pipeline group instance", "operationId": "PipelineGroups_Update", "versions": [ - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] } }, @@ -133449,7 +133474,8 @@ "description": "Create or update a pipeline group instance.", "operationId": "PipelineGroups_CreateOrUpdate", "versions": [ - "2023-10-01-preview" + "2023-10-01-preview", + "2024-10-01-preview" ] } } @@ -200713,7 +200739,7 @@ "2024-05-01-preview" ] }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicy/{securityPolicyName}": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicies/{securityPolicyName}": { "description": "Delete a SecurityPolicy", "operationId": "SecurityPoliciesInterface_Delete", "versions": [ @@ -200802,14 +200828,14 @@ "2024-05-01-preview" ] }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicy": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicies": { "description": "List SecurityPolicy resources by TrafficController", "operationId": "SecurityPoliciesInterface_ListByTrafficController", "versions": [ "2024-05-01-preview" ] }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicy/{securityPolicyName}": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicies/{securityPolicyName}": { "description": "Get a SecurityPolicy", "operationId": "SecurityPoliciesInterface_Get", "versions": [ @@ -200848,7 +200874,7 @@ "2024-05-01-preview" ] }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicy/{securityPolicyName}": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicies/{securityPolicyName}": { "description": "Update a SecurityPolicy", "operationId": "SecurityPoliciesInterface_Update", "versions": [ @@ -200887,7 +200913,7 @@ "2024-05-01-preview" ] }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicy/{securityPolicyName}": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ServiceNetworking/trafficControllers/{trafficControllerName}/securityPolicies/{securityPolicyName}": { "description": "Create a SecurityPolicy", "operationId": "SecurityPoliciesInterface_CreateOrUpdate", "versions": [ diff --git a/azure/built-in-roles-raw.json b/azure/built-in-roles-raw.json index 255b71537..2184f4156 100644 --- a/azure/built-in-roles-raw.json +++ b/azure/built-in-roles-raw.json @@ -10496,13 +10496,14 @@ "assignableScopes": [ "/" ], - "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", - "name": "e582369a-e17b-42a5-b10c-874c387c530b", + "description": "Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.", + "name": "6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9", "permissions": [ { "actions": [ - "microsoft.scvmm/virtualmachines/*", - "microsoft.scvmm/virtualMachineInstances/*", + "microsoft.scvmm/vmmservers/Read", + "microsoft.scvmm/vmmservers/Write", + "microsoft.scvmm/vmmservers/Delete", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10529,36 +10530,7 @@ "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete" + "Microsoft.ExtendedLocation/customLocations/deploy/action" ], "condition": null, "conditionVersion": null, @@ -10567,7 +10539,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm VM Contributor", + "roleName": "Azure Arc ScVmm Private Clouds Onboarding", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10575,12 +10547,13 @@ "assignableScopes": [ "/" ], - "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", - "name": "a92dfd61-77f9-4aec-a531-19858b406c87", + "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", + "name": "e582369a-e17b-42a5-b10c-874c387c530b", "permissions": [ { "actions": [ - "Microsoft.ScVmm/*", + "microsoft.scvmm/virtualmachines/*", + "microsoft.scvmm/virtualMachineInstances/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10645,7 +10618,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm Administrator role", + "roleName": "Azure Arc ScVmm VM Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10653,14 +10626,11 @@ "assignableScopes": [ "/" ], - "description": "Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.", - "name": "6aac74c4-6311-40d2-bbdd-7d01e7c6e3a9", + "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", + "name": "c0781e91-8102-4553-8951-97c6d4243cda", "permissions": [ { "actions": [ - "microsoft.scvmm/vmmservers/Read", - "microsoft.scvmm/vmmservers/Write", - "microsoft.scvmm/vmmservers/Delete", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10686,8 +10656,15 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", + "microsoft.scvmm/virtualnetworks/join/action", + "microsoft.scvmm/virtualnetworks/Read", + "microsoft.scvmm/virtualmachinetemplates/clone/action", + "microsoft.scvmm/virtualmachinetemplates/Read", + "microsoft.scvmm/clouds/deploy/action", + "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action" + "Microsoft.ExtendedLocation/customLocations/deploy/action", + "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" ], "condition": null, "conditionVersion": null, @@ -10696,7 +10673,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm Private Clouds Onboarding", + "roleName": "Azure Arc ScVmm Private Cloud User", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10704,11 +10681,12 @@ "assignableScopes": [ "/" ], - "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", - "name": "c0781e91-8102-4553-8951-97c6d4243cda", + "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", + "name": "a92dfd61-77f9-4aec-a531-19858b406c87", "permissions": [ { "actions": [ + "Microsoft.ScVmm/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10734,15 +10712,37 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", - "microsoft.scvmm/virtualnetworks/join/action", - "microsoft.scvmm/virtualnetworks/Read", - "microsoft.scvmm/virtualmachinetemplates/clone/action", - "microsoft.scvmm/virtualmachinetemplates/Read", - "microsoft.scvmm/clouds/deploy/action", - "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete" ], "condition": null, "conditionVersion": null, @@ -10751,7 +10751,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm Private Cloud User", + "roleName": "Azure Arc ScVmm Administrator role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10759,28 +10759,33 @@ "assignableScopes": [ "/" ], - "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", - "name": "7656b436-37d4-490a-a4ab-d39f838f0042", + "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", + "name": "fd036e6b-1266-47a0-b0bb-a05d04831731", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/delete", - "Microsoft.HDInsight/clusterPools/read", - "Microsoft.HDInsight/clusterPools/write", - "Microsoft.HDInsight/clusterpools/availableupgrades/read", - "Microsoft.HDInsight/clusterpools/upgrade/action", - "Microsoft.HDInsight/clusterPools/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/delete", + "Microsoft.HDInsight/clusterPools/clusters/resize/action", + "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", + "Microsoft.HDInsight/clusterPools/clusters/jobs/read", + "Microsoft.HDInsight/clusterPools/clusters/runjob/action", + "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", + "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -10802,7 +10807,7 @@ "notDataActions": [] } ], - "roleName": "HDInsight on AKS Cluster Pool Admin", + "roleName": "HDInsight on AKS Cluster Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10810,33 +10815,28 @@ "assignableScopes": [ "/" ], - "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", - "name": "fd036e6b-1266-47a0-b0bb-a05d04831731", + "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", + "name": "7656b436-37d4-490a-a4ab-d39f838f0042", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/clusters/delete", - "Microsoft.HDInsight/clusterPools/clusters/resize/action", - "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", - "Microsoft.HDInsight/clusterPools/clusters/jobs/read", - "Microsoft.HDInsight/clusterPools/clusters/runjob/action", - "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", - "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", - "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", - "Microsoft.HDInsight/clusterPools/clusters/rollback/action", - "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", - "Microsoft.HDInsight/clusterPools/clusters/libraries/read", - "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", + "Microsoft.HDInsight/clusterPools/delete", + "Microsoft.HDInsight/clusterPools/read", + "Microsoft.HDInsight/clusterPools/write", + "Microsoft.HDInsight/clusterpools/availableupgrades/read", + "Microsoft.HDInsight/clusterpools/upgrade/action", + "Microsoft.HDInsight/clusterPools/upgradehistories/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -10858,7 +10858,7 @@ "notDataActions": [] } ], - "roleName": "HDInsight on AKS Cluster Admin", + "roleName": "HDInsight on AKS Cluster Pool Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11347,8 +11347,37 @@ "assignableScopes": [ "/" ], - "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.", - "name": "5af6afb3-c06c-4fa4-8848-71a8aee05683", + "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", + "name": "18ab4d3d-a1bf-4477-8ad9-8359bc988f69", + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/*" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.", + "name": "30b27cfc-9c84-438e-b0ce-70e35255df80", "permissions": [ { "actions": [ @@ -11363,38 +11392,37 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/*", - "Microsoft.ContainerService/fleets/apps/deployments/*", - "Microsoft.ContainerService/fleets/apps/statefulsets/*", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", - "Microsoft.ContainerService/fleets/batch/cronjobs/*", - "Microsoft.ContainerService/fleets/batch/jobs/*", - "Microsoft.ContainerService/fleets/configmaps/*", - "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/apps/daemonsets/read", + "Microsoft.ContainerService/fleets/apps/deployments/read", + "Microsoft.ContainerService/fleets/apps/statefulsets/read", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", + "Microsoft.ContainerService/fleets/batch/cronjobs/read", + "Microsoft.ContainerService/fleets/batch/jobs/read", + "Microsoft.ContainerService/fleets/configmaps/read", + "Microsoft.ContainerService/fleets/endpoints/read", "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/*", - "Microsoft.ContainerService/fleets/extensions/deployments/*", - "Microsoft.ContainerService/fleets/extensions/ingresses/*", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "Microsoft.ContainerService/fleets/extensions/deployments/read", + "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "Microsoft.ContainerService/fleets/limitranges/read", "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", + "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "Microsoft.ContainerService/fleets/replicationcontrollers/read", "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/secrets/*", - "Microsoft.ContainerService/fleets/serviceaccounts/*", - "Microsoft.ContainerService/fleets/services/*" + "Microsoft.ContainerService/fleets/serviceaccounts/read", + "Microsoft.ContainerService/fleets/services/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Kubernetes Fleet Manager RBAC Writer", + "roleName": "Azure Kubernetes Fleet Manager RBAC Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11460,76 +11488,54 @@ "assignableScopes": [ "/" ], - "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", - "name": "63bb64ad-9799-4770-b5c3-24ed299a07bf", + "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.", + "name": "5af6afb3-c06c-4fa4-8848-71a8aee05683", "permissions": [ { "actions": [ - "Microsoft.ContainerService/fleets/*", - "Microsoft.Resources/deployments/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Kubernetes Fleet Manager Contributor Role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, - { - "assignableScopes": [ - "/" - ], - "description": "Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.", - "name": "30b27cfc-9c84-438e-b0ce-70e35255df80", - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" ], "condition": null, "conditionVersion": null, "dataActions": [ "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/read", - "Microsoft.ContainerService/fleets/apps/deployments/read", - "Microsoft.ContainerService/fleets/apps/statefulsets/read", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", - "Microsoft.ContainerService/fleets/batch/cronjobs/read", - "Microsoft.ContainerService/fleets/batch/jobs/read", - "Microsoft.ContainerService/fleets/configmaps/read", - "Microsoft.ContainerService/fleets/endpoints/read", + "Microsoft.ContainerService/fleets/apps/daemonsets/*", + "Microsoft.ContainerService/fleets/apps/deployments/*", + "Microsoft.ContainerService/fleets/apps/statefulsets/*", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", + "Microsoft.ContainerService/fleets/batch/cronjobs/*", + "Microsoft.ContainerService/fleets/batch/jobs/*", + "Microsoft.ContainerService/fleets/configmaps/*", + "Microsoft.ContainerService/fleets/endpoints/*", "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/read", - "Microsoft.ContainerService/fleets/extensions/deployments/read", - "Microsoft.ContainerService/fleets/extensions/ingresses/read", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", + "Microsoft.ContainerService/fleets/extensions/daemonsets/*", + "Microsoft.ContainerService/fleets/extensions/deployments/*", + "Microsoft.ContainerService/fleets/extensions/ingresses/*", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", "Microsoft.ContainerService/fleets/limitranges/read", "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", - "Microsoft.ContainerService/fleets/replicationcontrollers/read", - "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/serviceaccounts/read", - "Microsoft.ContainerService/fleets/services/read" + "Microsoft.ContainerService/fleets/secrets/*", + "Microsoft.ContainerService/fleets/serviceaccounts/*", + "Microsoft.ContainerService/fleets/services/*" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Kubernetes Fleet Manager RBAC Reader", + "roleName": "Azure Kubernetes Fleet Manager RBAC Writer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11537,28 +11543,22 @@ "assignableScopes": [ "/" ], - "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", - "name": "18ab4d3d-a1bf-4477-8ad9-8359bc988f69", + "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", + "name": "63bb64ad-9799-4770-b5c3-24ed299a07bf", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" + "Microsoft.ContainerService/fleets/*", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/*" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", + "roleName": "Azure Kubernetes Fleet Manager Contributor Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11791,13 +11791,13 @@ "assignableScopes": [ "/" ], - "description": "Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.", - "name": "1823dd4f-9b8c-4ab6-ab4e-7397a3684615", + "description": "Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).", + "name": "e503ece1-11d0-4e8e-8e2c-7a6c3bf38815", "permissions": [ { "actions": [ - "Microsoft.MachineLearningServices/registries/read", - "Microsoft.MachineLearningServices/registries/assets/*" + "Microsoft.MachineLearningServices/workspaces/computes/*", + "Microsoft.MachineLearningServices/workspaces/notebooks/vm/*" ], "condition": null, "conditionVersion": null, @@ -11806,7 +11806,7 @@ "notDataActions": [] } ], - "roleName": "AzureML Registry User", + "roleName": "AzureML Compute Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11814,13 +11814,13 @@ "assignableScopes": [ "/" ], - "description": "Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).", - "name": "e503ece1-11d0-4e8e-8e2c-7a6c3bf38815", + "description": "Can perform all actions on Machine Learning Services Registry assets as well as get Registry resources.", + "name": "1823dd4f-9b8c-4ab6-ab4e-7397a3684615", "permissions": [ { "actions": [ - "Microsoft.MachineLearningServices/workspaces/computes/*", - "Microsoft.MachineLearningServices/workspaces/notebooks/vm/*" + "Microsoft.MachineLearningServices/registries/read", + "Microsoft.MachineLearningServices/registries/assets/*" ], "condition": null, "conditionVersion": null, @@ -11829,7 +11829,7 @@ "notDataActions": [] } ], - "roleName": "AzureML Compute Operator", + "roleName": "AzureML Registry User", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12691,6 +12691,32 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", + "name": "3f2eb865-5811-4578-b90a-6fc6fa0df8e5", + "permissions": [ + { + "actions": [ + "Microsoft.Cdn/operationresults/profileresults/secretresults/read", + "Microsoft.Cdn/profiles/secrets/read", + "Microsoft.Cdn/profiles/secrets/write", + "Microsoft.Cdn/profiles/secrets/delete", + "Microsoft.Resources/subscriptions/resourceGroups/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Front Door Secret Contributor", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -12717,6 +12743,30 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", + "name": "0f99d363-226e-4dca-9920-b807cf8e1a5f", + "permissions": [ + { + "actions": [ + "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.Resources/subscriptions/resourceGroups/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Front Door Domain Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -12745,16 +12795,18 @@ "assignableScopes": [ "/" ], - "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", - "name": "3f2eb865-5811-4578-b90a-6fc6fa0df8e5", + "description": "Allows users to create, modify, describe, or delete Rulestacks.", + "name": "bfc3b73d-c6ff-45eb-9a5f-40298295bf20", "permissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/secretresults/read", - "Microsoft.Cdn/profiles/secrets/read", - "Microsoft.Cdn/profiles/secrets/write", - "Microsoft.Cdn/profiles/secrets/delete", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "PaloAltoNetworks.Cloudngfw/localRulestacks/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Authorization/*/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/*", + "Microsoft.Support/*" ], "condition": null, "conditionVersion": null, @@ -12763,7 +12815,7 @@ "notDataActions": [] } ], - "roleName": "Azure Front Door Secret Contributor", + "roleName": "LocalRulestacksAdministrator role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12771,13 +12823,16 @@ "assignableScopes": [ "/" ], - "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", - "name": "0f99d363-226e-4dca-9920-b807cf8e1a5f", + "description": "Grants full access to manage backup and export resources", + "name": "d18ad5f3-1baf-4119-b49b-d944edb1f9d0", "permissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", - "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", + "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", + "Microsoft.DBforMySQL/locations/operationResults/read", + "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", + "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -12787,7 +12842,7 @@ "notDataActions": [] } ], - "roleName": "Azure Front Door Domain Reader", + "roleName": "MySQL Backup And Export Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12908,33 +12963,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Grants full access to manage backup and export resources", - "name": "d18ad5f3-1baf-4119-b49b-d944edb1f9d0", - "permissions": [ - { - "actions": [ - "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", - "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", - "Microsoft.DBforMySQL/locations/operationResults/read", - "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "MySQL Backup And Export Operator", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -12984,34 +13012,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Allows users to create, modify, describe, or delete Rulestacks.", - "name": "bfc3b73d-c6ff-45eb-9a5f-40298295bf20", - "permissions": [ - { - "actions": [ - "PaloAltoNetworks.Cloudngfw/localRulestacks/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Authorization/*/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Insights/alertRules/*", - "Microsoft.Support/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "LocalRulestacksAdministrator role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -13062,22 +13062,24 @@ "assignableScopes": [ "/" ], - "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", - "name": "d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da", + "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", + "name": "56328988-075d-4c6a-8766-d93edd6725b6", "permissions": [ { "actions": [ - "Microsoft.ApiManagement/service/users/read", - "Microsoft.ApiManagement/service/tags/read", - "Microsoft.ApiManagement/service/tags/apiLinks/*", - "Microsoft.ApiManagement/service/tags/operationLinks/*", - "Microsoft.ApiManagement/service/tags/productLinks/*", - "Microsoft.ApiManagement/service/products/read", - "Microsoft.ApiManagement/service/products/apiLinks/*", - "Microsoft.ApiManagement/service/groups/read", - "Microsoft.ApiManagement/service/groups/users/*", - "Microsoft.ApiManagement/service/read", - "Microsoft.ApiManagement/service/authorizationServers/read", + "Microsoft.ApiManagement/service/workspaces/*/read", + "Microsoft.ApiManagement/service/workspaces/apis/*", + "Microsoft.ApiManagement/service/workspaces/apiVersionSets/*", + "Microsoft.ApiManagement/service/workspaces/policies/*", + "Microsoft.ApiManagement/service/workspaces/schemas/*", + "Microsoft.ApiManagement/service/workspaces/products/*", + "Microsoft.ApiManagement/service/workspaces/policyFragments/*", + "Microsoft.ApiManagement/service/workspaces/namedValues/*", + "Microsoft.ApiManagement/service/workspaces/tags/*", + "Microsoft.ApiManagement/service/workspaces/backends/*", + "Microsoft.ApiManagement/service/workspaces/certificates/*", + "Microsoft.ApiManagement/service/workspaces/diagnostics/*", + "Microsoft.ApiManagement/service/workspaces/loggers/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -13087,7 +13089,7 @@ "notDataActions": [] } ], - "roleName": "API Management Service Workspace API Product Manager", + "roleName": "API Management Workspace API Developer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13095,24 +13097,12 @@ "assignableScopes": [ "/" ], - "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", - "name": "56328988-075d-4c6a-8766-d93edd6725b6", + "description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.", + "name": "0c34c906-8d99-4cb7-8bb7-33f5b0a1a799", "permissions": [ { "actions": [ - "Microsoft.ApiManagement/service/workspaces/*/read", - "Microsoft.ApiManagement/service/workspaces/apis/*", - "Microsoft.ApiManagement/service/workspaces/apiVersionSets/*", - "Microsoft.ApiManagement/service/workspaces/policies/*", - "Microsoft.ApiManagement/service/workspaces/schemas/*", - "Microsoft.ApiManagement/service/workspaces/products/*", - "Microsoft.ApiManagement/service/workspaces/policyFragments/*", - "Microsoft.ApiManagement/service/workspaces/namedValues/*", - "Microsoft.ApiManagement/service/workspaces/tags/*", - "Microsoft.ApiManagement/service/workspaces/backends/*", - "Microsoft.ApiManagement/service/workspaces/certificates/*", - "Microsoft.ApiManagement/service/workspaces/diagnostics/*", - "Microsoft.ApiManagement/service/workspaces/loggers/*", + "Microsoft.ApiManagement/service/workspaces/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -13122,7 +13112,7 @@ "notDataActions": [] } ], - "roleName": "API Management Workspace API Developer", + "roleName": "API Management Workspace Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13211,12 +13201,22 @@ "assignableScopes": [ "/" ], - "description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.", - "name": "0c34c906-8d99-4cb7-8bb7-33f5b0a1a799", + "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", + "name": "d59a3e9c-6d52-4a5a-aeed-6bf3cf0e31da", "permissions": [ { "actions": [ - "Microsoft.ApiManagement/service/workspaces/*", + "Microsoft.ApiManagement/service/users/read", + "Microsoft.ApiManagement/service/tags/read", + "Microsoft.ApiManagement/service/tags/apiLinks/*", + "Microsoft.ApiManagement/service/tags/operationLinks/*", + "Microsoft.ApiManagement/service/tags/productLinks/*", + "Microsoft.ApiManagement/service/products/read", + "Microsoft.ApiManagement/service/products/apiLinks/*", + "Microsoft.ApiManagement/service/groups/read", + "Microsoft.ApiManagement/service/groups/users/*", + "Microsoft.ApiManagement/service/read", + "Microsoft.ApiManagement/service/authorizationServers/read", "Microsoft.Authorization/*/read" ], "condition": null, @@ -13226,7 +13226,7 @@ "notDataActions": [] } ], - "roleName": "API Management Workspace Contributor", + "roleName": "API Management Service Workspace API Product Manager", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13234,8 +13234,8 @@ "assignableScopes": [ "/" ], - "description": "Customer has read access on Azure Storage file shares.", - "name": "b8eda974-7b85-4f76-af95-65846b26df6d", + "description": "Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.", + "name": "69566ab7-960f-475b-8e7c-b3118f30c6bd", "permissions": [ { "actions": [], @@ -13243,13 +13243,17 @@ "conditionVersion": null, "dataActions": [ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read", - "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action" + "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write", + "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete", + "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action", + "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action", + "Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Storage File Data Privileged Reader", + "roleName": "Storage File Data Privileged Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13257,8 +13261,8 @@ "assignableScopes": [ "/" ], - "description": "Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.", - "name": "69566ab7-960f-475b-8e7c-b3118f30c6bd", + "description": "Customer has read access on Azure Storage file shares.", + "name": "b8eda974-7b85-4f76-af95-65846b26df6d", "permissions": [ { "actions": [], @@ -13266,17 +13270,13 @@ "conditionVersion": null, "dataActions": [ "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read", - "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/write", - "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/delete", - "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/modifypermissions/action", - "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action", - "Microsoft.Storage/storageAccounts/fileServices/writeFileBackupSemantics/action" + "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Storage File Data Privileged Contributor", + "roleName": "Storage File Data Privileged Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13493,8 +13493,8 @@ "assignableScopes": [ "/" ], - "description": "Allows user to read Azure Sphere resources.", - "name": "c8ae6279-5a0b-4cb2-b3f0-d4d62845742c", + "description": "Allows user to read and download Azure Sphere resources and upload images.", + "name": "6d994134-994b-4a59-9974-f479f0b227fb", "permissions": [ { "actions": [ @@ -13503,10 +13503,12 @@ "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", "Microsoft.AzureSphere/catalogs/listDevices/action", - "Microsoft.AzureSphere/catalogs/listDeployments/action", "Microsoft.AzureSphere/catalogs/products/countDevices/action", "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", + "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", + "Microsoft.AzureSphere/catalogs/images/write", + "Microsoft.AzureSphere/catalogs/uploadImage/action", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Insights/DiagnosticSettings/Read" @@ -13518,7 +13520,7 @@ "notDataActions": [] } ], - "roleName": "Azure Sphere Reader", + "roleName": "Azure Sphere Publisher", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13526,8 +13528,8 @@ "assignableScopes": [ "/" ], - "description": "Allows user to read and download Azure Sphere resources and upload images.", - "name": "6d994134-994b-4a59-9974-f479f0b227fb", + "description": "Allows user to read Azure Sphere resources.", + "name": "c8ae6279-5a0b-4cb2-b3f0-d4d62845742c", "permissions": [ { "actions": [ @@ -13536,12 +13538,10 @@ "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", "Microsoft.AzureSphere/catalogs/listDevices/action", + "Microsoft.AzureSphere/catalogs/listDeployments/action", "Microsoft.AzureSphere/catalogs/products/countDevices/action", "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", - "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", - "Microsoft.AzureSphere/catalogs/images/write", - "Microsoft.AzureSphere/catalogs/uploadImage/action", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Insights/DiagnosticSettings/Read" @@ -13553,7 +13553,7 @@ "notDataActions": [] } ], - "roleName": "Azure Sphere Publisher", + "roleName": "Azure Sphere Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13636,21 +13636,21 @@ "/" ], "description": "This role has been deprecated", - "name": "7ac06ca7-21ca-47e3-a67b-cbd6e6223baf", + "name": "79b01272-bf9f-4f4c-9517-5506269cf524", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/*", - "Microsoft.CognitiveSearch/indexes/documents/*" + "Microsoft.CognitiveSearch/indexes/schema/read", + "Microsoft.CognitiveSearch/indexes/documents/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Cognitive Search Serverless Data Contributor (Deprecated)", + "roleName": "Cognitive Search Serverless Data Reader (Deprecated)", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13659,21 +13659,21 @@ "/" ], "description": "This role has been deprecated", - "name": "79b01272-bf9f-4f4c-9517-5506269cf524", + "name": "7ac06ca7-21ca-47e3-a67b-cbd6e6223baf", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/read", - "Microsoft.CognitiveSearch/indexes/documents/read" + "Microsoft.CognitiveSearch/indexes/schema/*", + "Microsoft.CognitiveSearch/indexes/documents/*" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Cognitive Search Serverless Data Reader (Deprecated)", + "roleName": "Cognitive Search Serverless Data Contributor (Deprecated)", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13982,52 +13982,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.", - "name": "523776ba-4eb2-4600-a3c8-f2dc93da4bdb", - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Support/*", - "Microsoft.Web/*/read", - "Microsoft.Web/connections/*", - "Microsoft.Web/customApis/*", - "Microsoft.Web/sites/config/list/Action", - "microsoft.web/sites/config/Write", - "microsoft.web/sites/config/web/appsettings/delete", - "microsoft.web/sites/config/web/appsettings/write", - "microsoft.web/sites/deployWorkflowArtifacts/action", - "microsoft.web/sites/hostruntime/*", - "microsoft.web/sites/listworkflowsconnections/action", - "Microsoft.Web/sites/publish/Action", - "microsoft.web/sites/slots/config/appsettings/write", - "Microsoft.Web/sites/slots/config/list/Action", - "microsoft.web/sites/slots/config/web/appsettings/delete", - "microsoft.web/sites/slots/deployWorkflowArtifacts/action", - "microsoft.web/sites/slots/listworkflowsconnections/action", - "Microsoft.Web/sites/slots/publish/Action", - "microsoft.web/sites/workflows/*", - "microsoft.web/sites/workflowsconfiguration/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Logic Apps Standard Developer (Preview)", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -14130,6 +14084,52 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.", + "name": "523776ba-4eb2-4600-a3c8-f2dc93da4bdb", + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Support/*", + "Microsoft.Web/*/read", + "Microsoft.Web/connections/*", + "Microsoft.Web/customApis/*", + "Microsoft.Web/sites/config/list/Action", + "microsoft.web/sites/config/Write", + "microsoft.web/sites/config/web/appsettings/delete", + "microsoft.web/sites/config/web/appsettings/write", + "microsoft.web/sites/deployWorkflowArtifacts/action", + "microsoft.web/sites/hostruntime/*", + "microsoft.web/sites/listworkflowsconnections/action", + "Microsoft.Web/sites/publish/Action", + "microsoft.web/sites/slots/config/appsettings/write", + "Microsoft.Web/sites/slots/config/list/Action", + "microsoft.web/sites/slots/config/web/appsettings/delete", + "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "microsoft.web/sites/slots/listworkflowsconnections/action", + "Microsoft.Web/sites/slots/publish/Action", + "microsoft.web/sites/workflows/*", + "microsoft.web/sites/workflowsconfiguration/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Logic Apps Standard Developer (Preview)", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -14336,8 +14336,8 @@ "assignableScopes": [ "/" ], - "description": "Lets you subscribe messages on topicspaces.", - "name": "4b0f2fd7-60b4-4eca-896f-4435034f8bf5", + "description": "Lets you publish messages on topicspaces.", + "name": "a12b0b94-b317-4dcd-84a8-502ce99884c6", "permissions": [ { "actions": [ @@ -14350,13 +14350,13 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.EventGrid/topicSpaces/subscribe/action" + "Microsoft.EventGrid/topicSpaces/publish/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "EventGrid TopicSpaces Subscriber", + "roleName": "EventGrid TopicSpaces Publisher", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14364,8 +14364,8 @@ "assignableScopes": [ "/" ], - "description": "Lets you publish messages on topicspaces.", - "name": "a12b0b94-b317-4dcd-84a8-502ce99884c6", + "description": "Lets you subscribe messages on topicspaces.", + "name": "4b0f2fd7-60b4-4eca-896f-4435034f8bf5", "permissions": [ { "actions": [ @@ -14378,13 +14378,13 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.EventGrid/topicSpaces/publish/action" + "Microsoft.EventGrid/topicSpaces/subscribe/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "EventGrid TopicSpaces Publisher", + "roleName": "EventGrid TopicSpaces Subscriber", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14439,24 +14439,23 @@ "assignableScopes": [ "/" ], - "description": "Read DeID batch jobs. This role is in preview and subject to change.", - "name": "b73a14ee-91f5-41b7-bd81-920e12466be9", + "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", + "name": "8a90fa6b-6997-4a07-8a95-30633a7c97b9", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ + "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", "Microsoft.HealthDataAIServices/DeidServices/Batch/read" ], "notActions": [], - "notDataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "Microsoft.HealthDataAIServices/DeidServices/Batch/delete" - ] + "notDataActions": [] } ], - "roleName": "DeID Batch Data Reader", + "roleName": "DeID Batch Data Owner", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14464,23 +14463,24 @@ "assignableScopes": [ "/" ], - "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", - "name": "8a90fa6b-6997-4a07-8a95-30633a7c97b9", + "description": "Read DeID batch jobs. This role is in preview and subject to change.", + "name": "b73a14ee-91f5-41b7-bd81-920e12466be9", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", "Microsoft.HealthDataAIServices/DeidServices/Batch/read" ], "notActions": [], - "notDataActions": [] + "notDataActions": [ + "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "Microsoft.HealthDataAIServices/DeidServices/Batch/delete" + ] } ], - "roleName": "DeID Batch Data Owner", + "roleName": "DeID Batch Data Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14666,34 +14666,29 @@ "assignableScopes": [ "/" ], - "description": "Grants permissions to view VMs", - "name": "4b3fe76c-f777-4d24-a2d7-b027b0f7b273", + "description": "Grants permissions to perform all VM actions", + "name": "874d1c73-6003-4e60-a13a-cb31ea190a85", "permissions": [ { "actions": [ - "Microsoft.AzureStackHCI/VirtualMachines/Read", - "Microsoft.AzureStackHCI/virtualMachineInstances/Read", - "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", - "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "Microsoft.AzureStackHCI/VirtualMachines/*", + "Microsoft.AzureStackHCI/virtualMachineInstances/*", + "Microsoft.AzureStackHCI/NetworkInterfaces/*", + "Microsoft.AzureStackHCI/VirtualHardDisks/*", + "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "Microsoft.AzureStackHCI/VirtualNetworks/join/action", "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "Microsoft.AzureStackHCI/NetworkInterfaces/Read", - "Microsoft.AzureStackHCI/VirtualHardDisks/Read", - "Microsoft.AzureStackHCI/StorageContainers/Read", + "Microsoft.AzureStackHCI/LogicalNetworks/join/action", "Microsoft.AzureStackHCI/GalleryImages/Read", + "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "Microsoft.AzureStackHCI/StorageContainers/Read", + "Microsoft.AzureStackHCI/StorageContainers/deploy/action", "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", + "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", + "Microsoft.AzureStackHCI/Clusters/Read", + "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", - "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", - "Microsoft.HybridCompute/privateLinkScopes/read", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -14702,17 +14697,55 @@ "Microsoft.Insights/AlertRules/Throttled/Action", "Microsoft.Insights/AlertRules/Incidents/Read", "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/deployments/delete", + "Microsoft.Resources/deployments/cancel/action", + "Microsoft.Resources/deployments/validate/action", + "Microsoft.Resources/deployments/whatIf/action", "Microsoft.Resources/deployments/exportTemplate/action", "Microsoft.Resources/deployments/operations/read", "Microsoft.Resources/deployments/operationstatuses/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/operationresults/read" + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete", + "Microsoft.ExtendedLocation/customLocations/Read", + "Microsoft.ExtendedLocation/customLocations/deploy/action", + "Microsoft.KubernetesConfiguration/extensions/read" ], "condition": null, "conditionVersion": null, @@ -14721,7 +14754,7 @@ "notDataActions": [] } ], - "roleName": "Azure Stack HCI VM Reader", + "roleName": "Azure Stack HCI VM Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14769,29 +14802,34 @@ "assignableScopes": [ "/" ], - "description": "Grants permissions to perform all VM actions", - "name": "874d1c73-6003-4e60-a13a-cb31ea190a85", + "description": "Grants permissions to view VMs", + "name": "4b3fe76c-f777-4d24-a2d7-b027b0f7b273", "permissions": [ { "actions": [ - "Microsoft.AzureStackHCI/VirtualMachines/*", - "Microsoft.AzureStackHCI/virtualMachineInstances/*", - "Microsoft.AzureStackHCI/NetworkInterfaces/*", - "Microsoft.AzureStackHCI/VirtualHardDisks/*", + "Microsoft.AzureStackHCI/VirtualMachines/Read", + "Microsoft.AzureStackHCI/virtualMachineInstances/Read", + "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", "Microsoft.AzureStackHCI/VirtualNetworks/Read", - "Microsoft.AzureStackHCI/VirtualNetworks/join/action", "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "Microsoft.AzureStackHCI/LogicalNetworks/join/action", - "Microsoft.AzureStackHCI/GalleryImages/Read", - "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "Microsoft.AzureStackHCI/NetworkInterfaces/Read", + "Microsoft.AzureStackHCI/VirtualHardDisks/Read", "Microsoft.AzureStackHCI/StorageContainers/Read", - "Microsoft.AzureStackHCI/StorageContainers/deploy/action", + "Microsoft.AzureStackHCI/GalleryImages/Read", "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", - "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", - "Microsoft.AzureStackHCI/Clusters/Read", - "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", + "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", + "Microsoft.HybridCompute/privateLinkScopes/read", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -14800,55 +14838,17 @@ "Microsoft.Insights/AlertRules/Throttled/Action", "Microsoft.Insights/AlertRules/Incidents/Read", "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/deployments/delete", - "Microsoft.Resources/deployments/cancel/action", - "Microsoft.Resources/deployments/validate/action", - "Microsoft.Resources/deployments/whatIf/action", "Microsoft.Resources/deployments/exportTemplate/action", "Microsoft.Resources/deployments/operations/read", "Microsoft.Resources/deployments/operationstatuses/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete", - "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.KubernetesConfiguration/extensions/read" + "Microsoft.Resources/subscriptions/operationresults/read" ], "condition": null, "conditionVersion": null, @@ -14857,7 +14857,7 @@ "notDataActions": [] } ], - "roleName": "Azure Stack HCI VM Contributor", + "roleName": "Azure Stack HCI VM Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14897,29 +14897,23 @@ "assignableScopes": [ "/" ], - "description": "Allows receive access to event grid events.", - "name": "78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb", + "description": "Can perform all actions required to create a resource deployment within a resource group.", + "name": "3afb7f49-54cb-416e-8c09-6dc049efa503", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", - "Microsoft.EventGrid/eventSubscriptions/read", - "Microsoft.EventGrid/topicTypes/eventSubscriptions/read", - "Microsoft.EventGrid/locations/eventSubscriptions/read", - "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.EventGrid/namespaces/read" + "Microsoft.Resources/deployments/*", + "Microsoft.Insights/AutoscaleSettings/write" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.EventGrid/events/receive/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "EventGrid Data Receiver", + "roleName": "Azure AI Inference Deployment Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14961,29 +14955,29 @@ "assignableScopes": [ "/" ], - "description": "View reviews for a workload and triage recommendations linked to them.", - "name": "8aac15f0-d885-4138-8afa-bfb5872f7d13", + "description": "Allows receive access to event grid events.", + "name": "78cbd9e7-9798-4e2e-9b5a-547d9ebb31fb", "permissions": [ { "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read", - "Microsoft.Advisor/triageRecommendations/approve/action", - "Microsoft.Advisor/triageRecommendations/reject/action", - "Microsoft.Advisor/triageRecommendations/reset/action", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.EventGrid/eventSubscriptions/read", + "Microsoft.EventGrid/topicTypes/eventSubscriptions/read", + "Microsoft.EventGrid/locations/eventSubscriptions/read", + "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.EventGrid/namespaces/read" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.EventGrid/events/receive/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Advisor Reviews Contributor", + "roleName": "EventGrid Data Receiver", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14991,13 +14985,12 @@ "assignableScopes": [ "/" ], - "description": "View reviews for a workload and recommendations linked to them.", - "name": "c64499e0-74c3-47ad-921c-13865957895c", + "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", + "name": "65a14201-8f6c-4c28-bec4-12619c5a9aaa", "permissions": [ { "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read" + "Microsoft.Authorization/*/read" ], "condition": null, "conditionVersion": null, @@ -15006,7 +14999,7 @@ "notDataActions": [] } ], - "roleName": "Advisor Reviews Reader", + "roleName": "Connected Cluster Managed Identity CheckAccess Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15014,14 +15007,13 @@ "assignableScopes": [ "/" ], - "description": "Can perform all actions required to create a resource deployment within a resource group.", - "name": "3afb7f49-54cb-416e-8c09-6dc049efa503", + "description": "View reviews for a workload and recommendations linked to them.", + "name": "c64499e0-74c3-47ad-921c-13865957895c", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Insights/AutoscaleSettings/write" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read" ], "condition": null, "conditionVersion": null, @@ -15030,7 +15022,7 @@ "notDataActions": [] } ], - "roleName": "Azure AI Inference Deployment Operator", + "roleName": "Advisor Reviews Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15038,12 +15030,20 @@ "assignableScopes": [ "/" ], - "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", - "name": "65a14201-8f6c-4c28-bec4-12619c5a9aaa", + "description": "View reviews for a workload and triage recommendations linked to them.", + "name": "8aac15f0-d885-4138-8afa-bfb5872f7d13", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read", + "Microsoft.Advisor/triageRecommendations/approve/action", + "Microsoft.Advisor/triageRecommendations/reject/action", + "Microsoft.Advisor/triageRecommendations/reset/action", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -15052,7 +15052,7 @@ "notDataActions": [] } ], - "roleName": "Connected Cluster Managed Identity CheckAccess Reader", + "roleName": "Advisor Reviews Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15205,30 +15205,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "List cluster user credential action.", - "name": "fc3f91a1-40bf-4439-8c46-45edbd83563a", - "permissions": [ - { - "actions": [ - "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", - "Microsoft.Kubernetes/connectedClusters/Read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Kubernetes Service Hybrid Cluster User Role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -15298,6 +15274,30 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "List cluster user credential action.", + "name": "fc3f91a1-40bf-4439-8c46-45edbd83563a", + "permissions": [ + { + "actions": [ + "Microsoft.HybridContainerService/provisionedClusterInstances/read", + "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", + "Microsoft.Kubernetes/connectedClusters/Read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Kubernetes Service Hybrid Cluster User Role", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -15361,31 +15361,23 @@ "assignableScopes": [ "/" ], - "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", - "name": "19feefae-eacc-4106-81fd-ac34c0671f14", + "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "name": "e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc", "permissions": [ { "actions": [ - "Microsoft.Mission/register/action", - "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", - "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", - "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/internalConnections/write", + "Microsoft.Mission/externalConnections/read", "Microsoft.Mission/virtualEnclaves/read", - "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", - "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", - "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -15396,11 +15388,8 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", - "Microsoft.Mission/enclaveConnections/write", "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", - "Microsoft.Mission/approvals/read", - "Microsoft.Mission/approvals/write" + "Microsoft.Mission/approvals/read" ], "condition": null, "conditionVersion": null, @@ -15409,7 +15398,7 @@ "notDataActions": [] } ], - "roleName": "Enclave Contributor Role", + "roleName": "Community Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15417,23 +15406,31 @@ "assignableScopes": [ "/" ], - "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", - "name": "e6aadb6b-e64f-41c0-9392-d2bba3bc3ebc", + "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "name": "19feefae-eacc-4106-81fd-ac34c0671f14", "permissions": [ { "actions": [ + "Microsoft.Mission/register/action", + "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", + "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", + "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/externalConnections/read", + "Microsoft.Mission/internalConnections/write", "Microsoft.Mission/virtualEnclaves/read", + "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", + "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", + "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -15444,8 +15441,11 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", + "Microsoft.Mission/enclaveConnections/write", "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", - "Microsoft.Mission/approvals/read" + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", + "Microsoft.Mission/approvals/read", + "Microsoft.Mission/approvals/write" ], "condition": null, "conditionVersion": null, @@ -15454,7 +15454,7 @@ "notDataActions": [] } ], - "roleName": "Community Reader Role", + "roleName": "Enclave Contributor Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15462,22 +15462,23 @@ "assignableScopes": [ "/" ], - "description": "Allows management of Encryption Scopes on a Storage Account", - "name": "a316ed6d-1efe-48ac-ac08-f7995a9c26fb", + "description": "(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.", + "name": "44f0a1a8-6fea-4b35-980a-8ff50c487c97", "permissions": [ { "actions": [ - "Microsoft.Storage/storageAccounts/encryptionScopes/read", - "Microsoft.Storage/storageAccounts/encryptionScopes/write" + "Microsoft.KeyVault/vaults/read" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.KeyVault/vaults/secrets/setSecret/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Storage Account Encryption Scope Contributor Role", + "roleName": "Operator Nexus Key Vault Writer Service Role (Preview)", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15485,23 +15486,22 @@ "assignableScopes": [ "/" ], - "description": "(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.", - "name": "44f0a1a8-6fea-4b35-980a-8ff50c487c97", + "description": "Allows management of Encryption Scopes on a Storage Account", + "name": "a316ed6d-1efe-48ac-ac08-f7995a9c26fb", "permissions": [ { "actions": [ - "Microsoft.KeyVault/vaults/read" + "Microsoft.Storage/storageAccounts/encryptionScopes/read", + "Microsoft.Storage/storageAccounts/encryptionScopes/write" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.KeyVault/vaults/secrets/setSecret/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Operator Nexus Key Vault Writer Service Role (Preview)", + "roleName": "Storage Account Encryption Scope Contributor Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15632,24 +15632,24 @@ "assignableScopes": [ "/" ], - "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", - "name": "6593e776-2a30-40f9-8a32-4fe28b77655d", + "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", + "name": "4301dc2a-25a9-44b0-ae63-3636cf7f2bd2", "permissions": [ { "actions": [ "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/configurationServices/read" + "Microsoft.AppPlatform/Spring/gateways/read" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" + "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Application Configuration Service Log Reader Role", + "roleName": "Azure Spring Apps Spring Cloud Gateway Log Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15657,24 +15657,22 @@ "assignableScopes": [ "/" ], - "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", - "name": "4301dc2a-25a9-44b0-ae63-3636cf7f2bd2", + "description": "Allows for access to Azure API Center data plane read operations.", + "name": "c7244dfb-f447-457d-b2ba-3999044d1706", "permissions": [ { - "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/gateways/read" - ], + "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action" + "Microsoft.ApiCenter/services/*/read", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Spring Cloud Gateway Log Reader Role", + "roleName": "Azure API Center Data Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15682,21 +15680,24 @@ "assignableScopes": [ "/" ], - "description": "Grants you access to take actions as an on-site person to assist in the provisioning of an edge device", - "name": "207bcc4b-86a6-4487-9141-d6c1f4c238aa", + "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", + "name": "6593e776-2a30-40f9-8a32-4fe28b77655d", "permissions": [ { "actions": [ - "Microsoft.EdgeOrder/orderItems/read" + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/configurationServices/read" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Edge On-Site Deployment Engineer", + "roleName": "Azure Spring Apps Application Configuration Service Log Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15704,22 +15705,21 @@ "assignableScopes": [ "/" ], - "description": "Allows for access to Azure API Center data plane read operations.", - "name": "c7244dfb-f447-457d-b2ba-3999044d1706", + "description": "Grants you access to take actions as an on-site person to assist in the provisioning of an edge device", + "name": "207bcc4b-86a6-4487-9141-d6c1f4c238aa", "permissions": [ { - "actions": [], + "actions": [ + "Microsoft.EdgeOrder/orderItems/read" + ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure API Center Data Reader", + "roleName": "Azure Edge On-Site Deployment Engineer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15789,33 +15789,35 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", - "name": "a1f96423-95ce-4224-ab27-4e3dc72facd4", + "description": "Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.", + "name": "8b32b316-c2f5-4ddf-b05b-83dacd2d08b5", "permissions": [ { "actions": [ - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Network/loadBalancers/read", - "Microsoft.Network/loadBalancers/write", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkSecurityGroups/read", - "Microsoft.Network/networkSecurityGroups/write", - "Microsoft.Network/publicIPAddresses/join/action", - "Microsoft.Network/publicIPAddresses/read", - "Microsoft.Network/publicIPAddresses/write", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Network/networkInterfaces/write" + "Microsoft.Storage/storageAccounts/blobServices/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Storage/storageAccounts/delete", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Resources/tags/write" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Cloud Controller Manager Role", + "roleName": "Azure Red Hat OpenShift Image Registry Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15823,25 +15825,18 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use various storage backends.", - "name": "5b7237c5-45e1-49d6-bc18-a1f62f400748", + "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", + "name": "4436bae4-7702-4c84-919b-c4069ff25ee2", "permissions": [ { "actions": [ - "Microsoft.Compute/virtualMachines/write", - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write", - "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read", - "Microsoft.Compute/virtualMachineScaleSets/read", - "Microsoft.Compute/snapshots/write", - "Microsoft.Compute/snapshots/read", - "Microsoft.Compute/snapshots/delete", - "Microsoft.Compute/locations/operations/read", - "Microsoft.Compute/locations/DiskOperations/read", - "Microsoft.Compute/disks/write", - "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/delete", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/natGateways/join/action", + "Microsoft.Network/routeTables/join/action", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/read" ], "condition": null, "conditionVersion": null, @@ -15850,7 +15845,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Storage Operator Role", + "roleName": "Azure Red Hat OpenShift Service Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15885,35 +15880,59 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.", - "name": "8b32b316-c2f5-4ddf-b05b-83dacd2d08b5", + "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use various storage backends.", + "name": "5b7237c5-45e1-49d6-bc18-a1f62f400748", "permissions": [ { "actions": [ - "Microsoft.Storage/storageAccounts/blobServices/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/write", - "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", - "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Storage/storageAccounts/delete", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Resources/tags/write" + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write", + "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read", + "Microsoft.Compute/virtualMachineScaleSets/read", + "Microsoft.Compute/snapshots/write", + "Microsoft.Compute/snapshots/read", + "Microsoft.Compute/snapshots/delete", + "Microsoft.Compute/locations/operations/read", + "Microsoft.Compute/locations/DiskOperations/read", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/delete", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action" + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Red Hat OpenShift Storage Operator Role", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Enables permissions for the operator to configure and manage the OpenShift router.", + "name": "0336e1d3-7a87-462b-b6db-342b63f7802c", + "permissions": [ + { + "actions": [ + "Microsoft.Network/dnsZones/A/delete", + "Microsoft.Network/dnsZones/A/write", + "Microsoft.Network/privateDnsZones/A/delete", + "Microsoft.Network/privateDnsZones/A/write" ], + "condition": null, + "conditionVersion": null, + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Image Registry Operator Role", + "roleName": "Azure Red Hat OpenShift Cluster Ingress Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15953,18 +15972,24 @@ "assignableScopes": [ "/" ], - "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", - "name": "4436bae4-7702-4c84-919b-c4069ff25ee2", + "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", + "name": "a1f96423-95ce-4224-ab27-4e3dc72facd4", "permissions": [ { "actions": [ + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/write", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", - "Microsoft.Network/natGateways/join/action", - "Microsoft.Network/routeTables/join/action", - "Microsoft.Network/networkSecurityGroups/join/action", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/read" + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/networkInterfaces/write" ], "condition": null, "conditionVersion": null, @@ -15973,7 +15998,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Service Operator Role", + "roleName": "Azure Red Hat OpenShift Cloud Controller Manager Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16030,31 +16055,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Enables permissions for the operator to configure and manage the OpenShift router.", - "name": "0336e1d3-7a87-462b-b6db-342b63f7802c", - "permissions": [ - { - "actions": [ - "Microsoft.Network/dnsZones/A/delete", - "Microsoft.Network/dnsZones/A/write", - "Microsoft.Network/privateDnsZones/A/delete", - "Microsoft.Network/privateDnsZones/A/write" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Red Hat OpenShift Cluster Ingress Operator Role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -16113,20 +16113,21 @@ "assignableScopes": [ "/" ], - "description": "Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", - "name": "e2217c0e-04bb-4724-9580-91cf9871bc01", + "description": "Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", + "name": "d0f495dc-44ef-4140-aeb0-b89110e6a7c1", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/read", - "MICROSOFT.QUOTA/QUOTAS/WRITE", "MICROSOFT.QUOTA/QUOTAS/READ", "MICROSOFT.QUOTA/USAGES/READ", "MICROSOFT.QUOTA/QUOTAREQUESTS/READ", "MICROSOFT.QUOTA/REGISTER/ACTION", - "Microsoft.Quota/GROUPQUOTAS/*/READ", - "Microsoft.Quota/GROUPQUOTAS/*/WRITE" + "Microsoft.Quota/GROUPQUOTAS/READ", + "Microsoft.Quota/GROUPQUOTAS/subscriptions/READ", + "Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ", + "Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ" ], "condition": null, "conditionVersion": null, @@ -16135,7 +16136,7 @@ "notDataActions": [] } ], - "roleName": "GroupQuota Request Operator", + "roleName": "GroupQuota Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16143,21 +16144,20 @@ "assignableScopes": [ "/" ], - "description": "Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", - "name": "d0f495dc-44ef-4140-aeb0-b89110e6a7c1", + "description": "Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", + "name": "e2217c0e-04bb-4724-9580-91cf9871bc01", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/read", + "MICROSOFT.QUOTA/QUOTAS/WRITE", "MICROSOFT.QUOTA/QUOTAS/READ", "MICROSOFT.QUOTA/USAGES/READ", "MICROSOFT.QUOTA/QUOTAREQUESTS/READ", "MICROSOFT.QUOTA/REGISTER/ACTION", - "Microsoft.Quota/GROUPQUOTAS/READ", - "Microsoft.Quota/GROUPQUOTAS/subscriptions/READ", - "Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ", - "Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ" + "Microsoft.Quota/GROUPQUOTAS/*/READ", + "Microsoft.Quota/GROUPQUOTAS/*/WRITE" ], "condition": null, "conditionVersion": null, @@ -16166,7 +16166,7 @@ "notDataActions": [] } ], - "roleName": "GroupQuota Reader", + "roleName": "GroupQuota Request Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16329,21 +16329,43 @@ "assignableScopes": [ "/" ], - "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", - "name": "af854a69-80ce-4ff7-8447-f1118a2e0ca8", + "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", + "name": "eb5a76d5-50e7-4c33-a449-070e7c9c4cf2", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Editor/Action" + "Microsoft.HealthBot/healthBots/Reader/Action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Health Bot Editor", + "roleName": "Health Bot Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", + "name": "f1082fec-a70f-419f-9230-885d2550fb38", + "permissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.HealthBot/healthBots/Admin/Action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Health Bot Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16351,21 +16373,21 @@ "assignableScopes": [ "/" ], - "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", - "name": "eb5a76d5-50e7-4c33-a449-070e7c9c4cf2", + "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", + "name": "af854a69-80ce-4ff7-8447-f1118a2e0ca8", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Reader/Action" + "Microsoft.HealthBot/healthBots/Editor/Action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Health Bot Reader", + "roleName": "Health Bot Editor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16397,28 +16419,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", - "name": "f1082fec-a70f-419f-9230-885d2550fb38", - "permissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.HealthBot/healthBots/Admin/Action" - ], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Health Bot Admin", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -16920,18 +16920,14 @@ "assignableScopes": [ "/" ], - "description": "Allows read-only access to Azure API Center service.", - "name": "6cba8790-29c5-48e5-bab1-c7541b01cb04", + "description": "Allows managing API compliance in Azure API Center service.", + "name": "ede9aaa3-4627-494e-be13-4aa7c256148d", "permissions": [ { "actions": [ "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" ], "condition": null, "conditionVersion": null, @@ -16940,7 +16936,7 @@ "notDataActions": [] } ], - "roleName": "Azure API Center Service Reader", + "roleName": "Azure API Center Compliance Manager", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16948,14 +16944,18 @@ "assignableScopes": [ "/" ], - "description": "Allows managing API compliance in Azure API Center service.", - "name": "ede9aaa3-4627-494e-be13-4aa7c256148d", + "description": "Allows read-only access to Azure API Center service.", + "name": "6cba8790-29c5-48e5-bab1-c7541b01cb04", "permissions": [ { "actions": [ "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -16964,7 +16964,7 @@ "notDataActions": [] } ], - "roleName": "Azure API Center Compliance Manager", + "roleName": "Azure API Center Service Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16972,27 +16972,38 @@ "assignableScopes": [ "/" ], - "description": "Provide access to Historical Weather Data Solution by Bayer Ag Powered Services", - "name": "b5b192c1-773c-4543-bfb0-6c59254b74a9", + "description": "Grants full access to manage all VmCluster resources", + "name": "e9ce8739-6fa2-4123-a0a2-0ef41a67806f", "permissions": [ { - "actions": [], + "actions": [ + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/*/write", + "Oracle.Database/cloudVmClusters/*/delete", + "Oracle.Database/cloudExadataInfrastructures/write", + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/Locations/*/read", + "Oracle.Database/Locations/*/write", + "Oracle.Database/Operations/read", + "Oracle.Database/oracleSubscriptions/*/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/locations/operations/read", + "Microsoft.Compute/sshPublicKeys/read", + "Microsoft.Compute/sshPublicKeys/write", + "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" + ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.AgFoodPlatform/farmBeats/parties/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Bayer Ag Powered Services Historical Weather Data Solution User Role", + "roleName": "Oracle.Database VmCluster Administrator Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17000,26 +17011,29 @@ "assignableScopes": [ "/" ], - "description": "Grants full access to manage all VmCluster resources", - "name": "e9ce8739-6fa2-4123-a0a2-0ef41a67806f", + "description": "Grants full access to manage all Exadata Infrastructure resources", + "name": "4cfdd23b-aece-4fd1-b614-ad3a06c53453", "permissions": [ { "actions": [ + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudExadataInfrastructures/*/write", + "Oracle.Database/cloudExadataInfrastructures/*/delete", "Oracle.Database/cloudVmClusters/*/read", "Oracle.Database/cloudVmClusters/*/write", "Oracle.Database/cloudVmClusters/*/delete", - "Oracle.Database/cloudExadataInfrastructures/write", - "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudVmClusters/*/action", "Oracle.Database/Locations/*/read", "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", "Oracle.Database/oracleSubscriptions/*/read", - "Microsoft.Resources/deployments/*", + "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/virtualNetworks/subnets/read", "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/locations/operations/read", + "Microsoft.Resources/deployments/*", "Microsoft.Compute/sshPublicKeys/read", "Microsoft.Compute/sshPublicKeys/write", "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" @@ -17031,7 +17045,7 @@ "notDataActions": [] } ], - "roleName": "Oracle.Database VmCluster Administrator Built-in Role", + "roleName": "Oracle.Database Exadata Infrastructure Administrator Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17039,24 +17053,20 @@ "assignableScopes": [ "/" ], - "description": "Grants read access to all Oracle.Database resources", - "name": "d623d097-b882-4e1e-a26f-ac60e31065a1", + "description": "Grants full access to manage all Oracle Subscriptions resources", + "name": "4caf51ec-f9f5-413f-8a94-b9f5fddba66b", "permissions": [ { "actions": [ + "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/oracleSubscriptions/*/write", + "Oracle.Database/oracleSubscriptions/*/delete", + "Oracle.Database/oracleSubscriptions/*/action", "Oracle.Database/Locations/*/read", + "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/cloudExadataInfrastructures/*/read", - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", - "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*" + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -17065,7 +17075,7 @@ "notDataActions": [] } ], - "roleName": "Oracle.Database Reader Built-in Role", + "roleName": "Oracle Subscriptions Manager Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17104,29 +17114,27 @@ "assignableScopes": [ "/" ], - "description": "Grants full access to manage all Oracle Subscriptions resources", - "name": "4caf51ec-f9f5-413f-8a94-b9f5fddba66b", + "description": "Provide access to Historical Weather Data Solution by Bayer Ag Powered Services", + "name": "b5b192c1-773c-4543-bfb0-6c59254b74a9", "permissions": [ { - "actions": [ - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/oracleSubscriptions/*/write", - "Oracle.Database/oracleSubscriptions/*/delete", - "Oracle.Database/oracleSubscriptions/*/action", - "Oracle.Database/Locations/*/read", - "Oracle.Database/Locations/*/write", - "Oracle.Database/Operations/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], + "actions": [], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.AgFoodPlatform/farmBeats/parties/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Oracle Subscriptions Manager Built-in Role", + "roleName": "Bayer Ag Powered Services Historical Weather Data Solution User Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17134,32 +17142,24 @@ "assignableScopes": [ "/" ], - "description": "Grants full access to manage all Exadata Infrastructure resources", - "name": "4cfdd23b-aece-4fd1-b614-ad3a06c53453", + "description": "Grants read access to all Oracle.Database resources", + "name": "d623d097-b882-4e1e-a26f-ac60e31065a1", "permissions": [ { "actions": [ - "Oracle.Database/cloudExadataInfrastructures/*/read", - "Oracle.Database/cloudExadataInfrastructures/*/write", - "Oracle.Database/cloudExadataInfrastructures/*/delete", - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/*/write", - "Oracle.Database/cloudVmClusters/*/delete", - "Oracle.Database/cloudVmClusters/*/action", "Oracle.Database/Locations/*/read", - "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/deployments/*/read", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Compute/sshPublicKeys/read", - "Microsoft.Compute/sshPublicKeys/write", - "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -17168,7 +17168,7 @@ "notDataActions": [] } ], - "roleName": "Oracle.Database Exadata Infrastructure Administrator Built-in Role", + "roleName": "Oracle.Database Reader Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17479,12 +17479,13 @@ "assignableScopes": [ "/" ], - "description": "Read-only access to Nexus Network Fabric Service", - "name": "05fdd44c-adc6-4aff-981c-61041f0c929a", + "description": "Read-write access to Nexus Network Fabric Service", + "name": "a5eb8433-97a5-4a06-80b2-a877e1622c31", "permissions": [ { "actions": [ "Microsoft.ManagedNetworkFabric/*/read", + "Microsoft.ManagedNetworkFabric/*/write", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", @@ -17497,7 +17498,7 @@ "notDataActions": [] } ], - "roleName": "Nexus Network Fabric Service Reader", + "roleName": "Nexus Network Fabric Service Writer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17505,13 +17506,12 @@ "assignableScopes": [ "/" ], - "description": "Read-write access to Nexus Network Fabric Service", - "name": "a5eb8433-97a5-4a06-80b2-a877e1622c31", + "description": "Read-only access to Nexus Network Fabric Service", + "name": "05fdd44c-adc6-4aff-981c-61041f0c929a", "permissions": [ { "actions": [ "Microsoft.ManagedNetworkFabric/*/read", - "Microsoft.ManagedNetworkFabric/*/write", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", @@ -17524,7 +17524,7 @@ "notDataActions": [] } ], - "roleName": "Nexus Network Fabric Service Writer", + "roleName": "Nexus Network Fabric Service Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17532,8 +17532,8 @@ "assignableScopes": [ "/" ], - "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", - "name": "bf7f8882-3383-422a-806a-6526c631a88a", + "description": "Allows a user to manage deployment stacks, including those with deny assignments.", + "name": "adb29209-aa1d-457b-a786-c913953d2891", "permissions": [ { "actions": [ @@ -17541,8 +17541,7 @@ "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/write", - "Microsoft.Resources/deploymentStacks/read" + "Microsoft.Resources/deploymentStacks/*" ], "condition": null, "conditionVersion": null, @@ -17551,7 +17550,7 @@ "notDataActions": [] } ], - "roleName": "Azure Deployment Stack Contributor", + "roleName": "Azure Deployment Stack Owner", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17559,8 +17558,8 @@ "assignableScopes": [ "/" ], - "description": "Allows a user to manage deployment stacks, including those with deny assignments.", - "name": "adb29209-aa1d-457b-a786-c913953d2891", + "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", + "name": "bf7f8882-3383-422a-806a-6526c631a88a", "permissions": [ { "actions": [ @@ -17568,7 +17567,8 @@ "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/*" + "Microsoft.Resources/deploymentStacks/write", + "Microsoft.Resources/deploymentStacks/read" ], "condition": null, "conditionVersion": null, @@ -17577,7 +17577,7 @@ "notDataActions": [] } ], - "roleName": "Azure Deployment Stack Owner", + "roleName": "Azure Deployment Stack Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17632,8 +17632,8 @@ "assignableScopes": [ "/" ], - "description": "Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", - "name": "2efddaa5-3f1f-4df3-97df-af3f13818f4c", + "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", + "name": "b93aa761-3e63-49ed-ac28-beffa264f7ac", "permissions": [ { "actions": [], @@ -17641,17 +17641,13 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read", - "Microsoft.ContainerRegistry/registries/repositories/metadata/write", - "Microsoft.ContainerRegistry/registries/repositories/content/write", - "Microsoft.ContainerRegistry/registries/repositories/metadata/delete", - "Microsoft.ContainerRegistry/registries/repositories/content/delete" + "Microsoft.ContainerRegistry/registries/repositories/content/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Container Registry Repository Contributor", + "roleName": "Container Registry Repository Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17684,8 +17680,8 @@ "assignableScopes": [ "/" ], - "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", - "name": "b93aa761-3e63-49ed-ac28-beffa264f7ac", + "description": "Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", + "name": "2efddaa5-3f1f-4df3-97df-af3f13818f4c", "permissions": [ { "actions": [], @@ -17693,13 +17689,17 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read" + "Microsoft.ContainerRegistry/registries/repositories/content/read", + "Microsoft.ContainerRegistry/registries/repositories/metadata/write", + "Microsoft.ContainerRegistry/registries/repositories/content/write", + "Microsoft.ContainerRegistry/registries/repositories/metadata/delete", + "Microsoft.ContainerRegistry/registries/repositories/content/delete" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Container Registry Repository Reader", + "roleName": "Container Registry Repository Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17762,33 +17762,26 @@ "assignableScopes": [ "/" ], - "description": "This is the role for publishing gallery artifacts.", - "name": "85a2d0d9-2eba-4c9c-b355-11c2cc0788ab", + "description": "Grant full access to manage all Toolchain orchestrator resources.", + "name": "2ccf8795-8983-4912-8036-1c45212c95e8", "permissions": [ { "actions": [ - "Microsoft.Compute/galleries/*", - "Microsoft.Compute/locations/capsOperations/read", - "Microsoft.Compute/locations/communityGalleries/*", - "Microsoft.Compute/locations/sharedGalleries/*", - "Microsoft.Compute/images/*", - "Microsoft.Compute/virtualMachines/write", - "Microsoft.Compute/disks/write", - "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ToolchainOrchestrator/*" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [ - "Microsoft.Compute/galleries/share/action" - ], + "notActions": [], "notDataActions": [] } ], - "roleName": "Compute Gallery Artifacts Publisher", + "roleName": "ToolchainOrchestrator Admin Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17823,26 +17816,33 @@ "assignableScopes": [ "/" ], - "description": "Grant full access to manage all Toolchain orchestrator resources.", - "name": "2ccf8795-8983-4912-8036-1c45212c95e8", + "description": "This is the role for publishing gallery artifacts.", + "name": "85a2d0d9-2eba-4c9c-b355-11c2cc0788ab", "permissions": [ { "actions": [ + "Microsoft.Compute/galleries/*", + "Microsoft.Compute/locations/capsOperations/read", + "Microsoft.Compute/locations/communityGalleries/*", + "Microsoft.Compute/locations/sharedGalleries/*", + "Microsoft.Compute/images/*", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Compute/disks/write", + "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ToolchainOrchestrator/*" + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [], + "notActions": [ + "Microsoft.Compute/galleries/share/action" + ], "notDataActions": [] } ], - "roleName": "ToolchainOrchestrator Admin Role", + "roleName": "Compute Gallery Artifacts Publisher", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -18252,21 +18252,21 @@ "assignableScopes": [ "/" ], - "description": "View home page.", - "name": "41e04612-9dac-4699-a02b-c82ff2cc3fb5", + "description": "Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys", + "name": "136d308c-0937-4a49-9bd7-edfb42adbffc", "permissions": [ { - "actions": [], + "actions": [ + "Microsoft.Compute/diskEncryptionSets/*" + ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Grafana Limited Viewer", + "roleName": "Disk Encryption Set Operator for Managed Disks", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -18274,21 +18274,21 @@ "assignableScopes": [ "/" ], - "description": "Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys", - "name": "136d308c-0937-4a49-9bd7-edfb42adbffc", + "description": "View home page.", + "name": "41e04612-9dac-4699-a02b-c82ff2cc3fb5", "permissions": [ { - "actions": [ - "Microsoft.Compute/diskEncryptionSets/*" - ], + "actions": [], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Disk Encryption Set Operator for Managed Disks", + "roleName": "Grafana Limited Viewer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -18420,35 +18420,23 @@ "assignableScopes": [ "/" ], - "description": "Read, logstream and exec into Container Apps.", - "name": "f3bd1b5c-91fa-40e7-afe7-0c11d331232c", + "description": "Read access to ContainerApps sessionpools.", + "name": "af61e8fc-2633-4b95-bed3-421ad6826515", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/containerApps/*/read", - "Microsoft.App/containerApps/*/action", - "Microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "Microsoft.App/connectedEnvironments/read", - "Microsoft.App/connectedEnvironments/*/read", - "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action" + "Microsoft.App/sessionPools/*/read" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.App/containerApps/logstream/action", - "Microsoft.App/containerApps/exec/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Container Apps Operator", + "roleName": "Container Apps SessionPools Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -18480,6 +18468,30 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Read access to ContainerApps managedenvironments.", + "name": "1b32c00b-7eff-4c22-93e6-93d11d72d2d8", + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.App/managedEnvironments/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Container Apps ManagedEnvironments Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -18519,14 +18531,26 @@ "assignableScopes": [ "/" ], - "description": "Read access to ContainerApps managedenvironments.", - "name": "1b32c00b-7eff-4c22-93e6-93d11d72d2d8", + "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", + "name": "f7669afb-68b2-44b4-9c5f-6d2a47fddda0", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/managedEnvironments/*/read" + "Microsoft.App/sessionPools/*/read", + "Microsoft.App/sessionPools/*/write", + "Microsoft.App/sessionPools/*/delete", + "Microsoft.App/sessionPools/*/action", + "microsoft.App/managedEnvironments/read", + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "microsoft.App/connectedEnvironments/read", + "Microsoft.App/connectedEnvironments/*/read", + "Microsoft.App/connectedEnvironments/join/action", + "Microsoft.App/connectedEnvironments/checknameavailability/action", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -18535,7 +18559,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps ManagedEnvironments Reader", + "roleName": "Container Apps SessionPools Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -18567,23 +18591,35 @@ "assignableScopes": [ "/" ], - "description": "Read access to ContainerApps sessionpools.", - "name": "af61e8fc-2633-4b95-bed3-421ad6826515", + "description": "Read, logstream and exec into Container Apps.", + "name": "f3bd1b5c-91fa-40e7-afe7-0c11d331232c", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read" + "Microsoft.App/containerApps/*/read", + "Microsoft.App/containerApps/*/action", + "Microsoft.App/managedEnvironments/read", + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "Microsoft.App/connectedEnvironments/read", + "Microsoft.App/connectedEnvironments/*/read", + "Microsoft.App/connectedEnvironments/join/action", + "Microsoft.App/connectedEnvironments/checknameavailability/action" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.App/containerApps/logstream/action", + "Microsoft.App/containerApps/exec/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Container Apps SessionPools Reader", + "roleName": "Container Apps Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -18624,42 +18660,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", - "name": "f7669afb-68b2-44b4-9c5f-6d2a47fddda0", - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read", - "Microsoft.App/sessionPools/*/write", - "Microsoft.App/sessionPools/*/delete", - "Microsoft.App/sessionPools/*/action", - "microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "microsoft.App/connectedEnvironments/read", - "Microsoft.App/connectedEnvironments/*/read", - "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action", - "Microsoft.Resources/deployments/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Container Apps SessionPools Contributor", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -18739,6 +18739,28 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Provide full access to all Azure Device Update agent operations", + "name": "2a740172-0fc2-4039-972c-b31864cd47d6", + "permissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Device Update Agent", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -18783,28 +18805,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Provide full access to all Azure Device Update agent operations", - "name": "2a740172-0fc2-4039-972c-b31864cd47d6", - "permissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action" - ], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Device Update Agent", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -19050,31 +19050,5 @@ "roleName": "App Configuration Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" - }, - { - "assignableScopes": [ - "/" - ], - "description": "Lets you managed your Service Fabric Managed Cluster resources", - "name": "83f80186-3729-438c-ad2d-39e94d718838", - "permissions": [ - { - "actions": [ - "Microsoft.ServiceFabric/managedclusters/*", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Service Fabric Managed Cluster Contributor", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" } ] diff --git a/azure/built-in-roles.json b/azure/built-in-roles.json index 45a65375e..35280145c 100644 --- a/azure/built-in-roles.json +++ b/azure/built-in-roles.json @@ -142521,6 +142521,13 @@ "providerDisplayName": "NewRelic.Observability", "providerName": "NewRelic.Observability" }, + { + "description": "Refreshes the ingestion key for all monitors linked to the same account associated to a monitor.", + "displayName": "Refresh Ingestion Key", + "name": "NewRelic.Observability/monitors/refreshIngestionKey/action", + "providerDisplayName": "NewRelic.Observability", + "providerName": "NewRelic.Observability" + }, { "description": "Get Metric rules for a NewRelic resource", "displayName": "Get Metric Rules", @@ -142542,6 +142549,13 @@ "providerDisplayName": "NewRelic.Observability", "providerName": "NewRelic.Observability" }, + { + "description": "Resubscribe the NewRelic monitor resource to Azure", + "displayName": "Resubscribe", + "name": "NewRelic.Observability/monitors/resubscribe/action", + "providerDisplayName": "NewRelic.Observability", + "providerName": "NewRelic.Observability" + }, { "description": "Get marketplace and organization info mapped to the given monitor", "displayName": "Get marketplace and organization info mapped to the given monitor", @@ -148002,6 +148016,13 @@ "providerDisplayName": "Microsoft Resource Notifications", "providerName": "Microsoft.ResourceNotifications" }, + { + "description": "Permission to perform creation and event subscription creation on a ContainerServiceEventResources system topic", + "displayName": "Permission subscribeToContainerServiceEventResources granted", + "name": "Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action", + "providerDisplayName": "Microsoft Resource Notifications", + "providerName": "Microsoft.ResourceNotifications" + }, { "description": "Register the subscription for Microsoft.ConnectedCredentials", "displayName": "Register the Microsoft.ConnectedCredentials", @@ -538011,6 +538032,13 @@ "providerDisplayName": "NewRelic.Observability", "providerName": "NewRelic.Observability" }, + { + "description": "Refreshes the ingestion key for all monitors linked to the same account associated to a monitor.", + "displayName": "Refresh Ingestion Key", + "name": "NewRelic.Observability/monitors/refreshIngestionKey/action", + "providerDisplayName": "NewRelic.Observability", + "providerName": "NewRelic.Observability" + }, { "description": "Get Metric rules for a NewRelic resource", "displayName": "Get Metric Rules", @@ -538032,6 +538060,13 @@ "providerDisplayName": "NewRelic.Observability", "providerName": "NewRelic.Observability" }, + { + "description": "Resubscribe the NewRelic monitor resource to Azure", + "displayName": "Resubscribe", + "name": "NewRelic.Observability/monitors/resubscribe/action", + "providerDisplayName": "NewRelic.Observability", + "providerName": "NewRelic.Observability" + }, { "description": "Get marketplace and organization info mapped to the given monitor", "displayName": "Get marketplace and organization info mapped to the given monitor", @@ -543492,6 +543527,13 @@ "providerDisplayName": "Microsoft Resource Notifications", "providerName": "Microsoft.ResourceNotifications" }, + { + "description": "Permission to perform creation and event subscription creation on a ContainerServiceEventResources system topic", + "displayName": "Permission subscribeToContainerServiceEventResources granted", + "name": "Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action", + "providerDisplayName": "Microsoft Resource Notifications", + "providerName": "Microsoft.ResourceNotifications" + }, { "description": "Register the subscription for Microsoft.ConnectedCredentials", "displayName": "Register the Microsoft.ConnectedCredentials", @@ -969052,106 +969094,29 @@ ] }, { - "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", + "description": "Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm VM Contributor", + "name": "Azure Arc ScVmm Private Clouds Onboarding", "permittedActions": [ { - "description": "Deletes virtualmachines", - "displayName": "Deletes virtualmachines resource", - "name": "Microsoft.SCVMM/virtualmachines/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Retrieves information about a virtual machine instance.", - "displayName": "VirtualMachineInstances_Get", - "name": "Microsoft.SCVMM/virtualMachineInstances/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to create or update a virtual machine instance. Please note some properties can be set only during virtual machine instance creation.", - "displayName": "VirtualMachineInstances_CreateOrUpdate", - "name": "Microsoft.SCVMM/virtualMachineInstances/write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to delete a virtual machine instance.", - "displayName": "VirtualMachineInstances_Delete", - "name": "Microsoft.SCVMM/virtualMachineInstances/delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to power off (stop) a virtual machine instance.", - "displayName": "VirtualMachineInstances_Stop", - "name": "Microsoft.SCVMM/virtualMachineInstances/stop/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to start a virtual machine instance.", - "displayName": "VirtualMachineInstances_Start", - "name": "Microsoft.SCVMM/virtualMachineInstances/start/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to restart a virtual machine instance.", - "displayName": "VirtualMachineInstances_Restart", - "name": "Microsoft.SCVMM/virtualMachineInstances/restart/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Creates a checkpoint in virtual machine instance.", - "displayName": "VirtualMachineInstances_CreateCheckpoint", - "name": "Microsoft.SCVMM/virtualMachineInstances/createCheckpoint/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes a checkpoint in virtual machine instance.", - "displayName": "VirtualMachineInstances_DeleteCheckpoint", - "name": "Microsoft.SCVMM/virtualMachineInstances/deleteCheckpoint/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Restores to a checkpoint in virtual machine instance.", - "displayName": "VirtualMachineInstances_RestoreCheckpoint", - "name": "Microsoft.SCVMM/virtualMachineInstances/restoreCheckpoint/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Implements HybridIdentityMetadata GET method.", - "displayName": "VirtualMachineInstanceHybridIdentityMetadata_Get", - "name": "Microsoft.SCVMM/virtualMachineInstances/hybridIdentityMetadata/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Implements GuestAgent GET method.", - "displayName": "VMInstanceGuestAgents_Get", - "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/read", + "description": "Read vmmservers", + "displayName": "Gets/List vmmservers resources", + "name": "Microsoft.SCVMM/vmmservers/Read", "providerDisplayName": "Microsoft.SCVMM", "providerName": "Microsoft.SCVMM" }, { - "description": "Create Or Update GuestAgent.", - "displayName": "VMInstanceGuestAgents_Create", - "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/write", + "description": "Writes vmmservers", + "displayName": "Create/update vmmservers resources", + "name": "Microsoft.SCVMM/vmmservers/Write", "providerDisplayName": "Microsoft.SCVMM", "providerName": "Microsoft.SCVMM" }, { - "description": "Implements GuestAgent DELETE method.", - "displayName": "VMInstanceGuestAgents_Delete", - "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/delete", + "description": "Deletes vmmservers", + "displayName": "Deletes vmmservers resource", + "name": "Microsoft.SCVMM/vmmservers/Delete", "providerDisplayName": "Microsoft.SCVMM", "providerName": "Microsoft.SCVMM" }, @@ -969525,217 +969490,15 @@ "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", "providerDisplayName": "Microsoft.ExtendedLocation", "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Read any Azure Arc machines", - "displayName": "Read Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Writes an Azure Arc machines", - "displayName": "Write Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc machines", - "displayName": "Delete Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Upgrades Extensions on Azure Arc machines", - "displayName": "Upgrade Extensions on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Assesses any Azure Arc machines to get missing software patches", - "displayName": "Assess Azure Arc machines to get missing software patches", - "name": "Microsoft.HybridCompute/machines/assessPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs patches on any Azure Arc machines", - "displayName": "Install patches on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/installPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc extensions", - "displayName": "Read Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc extensions", - "displayName": "Install or Update an Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc extensions", - "displayName": "Delete Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Operations for Azure Arc for Servers", - "displayName": "Read all Operations", - "name": "Microsoft.HybridCompute/operations/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationresults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationstatus/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults", - "displayName": "Read Azure Arc patchAssessmentResults", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", - "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults", - "displayName": "Read Azure Arc patchInstallationResults", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", - "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an update center operation on machines", - "displayName": "Read Update Center Operation Results", - "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read any Azure Arc machines's Hybrid Identity Metadata", - "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", - "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Azure Connected Machine Agent versions available", - "displayName": "Read all Azure Connected Machine Agent versions available", - "name": "Microsoft.HybridCompute/osType/agentVersions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read the latest Azure Connected Machine Agent version", - "displayName": "Read the latest Azure Connected Machine Agent version", - "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc runcommands", - "displayName": "Read Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc runcommands", - "displayName": "Install or Update an Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc runcommands", - "displayName": "Delete Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc licenseProfiles", - "displayName": "Read Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc licenseProfiles", - "displayName": "Install or Update an Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc licenseProfiles", - "displayName": "Delete Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc licenses", - "displayName": "Read Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc licenses", - "displayName": "Install or Update an Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc licenses", - "displayName": "Delete Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "microsoft.scvmm/virtualmachines/*", - "microsoft.scvmm/virtualMachineInstances/*", + "microsoft.scvmm/vmmservers/Read", + "microsoft.scvmm/vmmservers/Write", + "microsoft.scvmm/vmmservers/Delete", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -969762,36 +969525,7 @@ "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete" + "Microsoft.ExtendedLocation/customLocations/deploy/action" ], "condition": null, "conditionVersion": null, @@ -969802,74 +969536,11 @@ ] }, { - "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", + "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm Administrator role", + "name": "Azure Arc ScVmm VM Contributor", "permittedActions": [ - { - "description": "unregister RP.", - "displayName": "unregister RP.", - "name": "Microsoft.SCVMM/unregister/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "register RP.", - "displayName": "register RP.", - "name": "Microsoft.SCVMM/register/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read vmmservers", - "displayName": "Gets/List vmmservers resources", - "name": "Microsoft.SCVMM/vmmservers/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes vmmservers", - "displayName": "Create/update vmmservers resources", - "name": "Microsoft.SCVMM/vmmservers/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes vmmservers", - "displayName": "Deletes vmmservers resource", - "name": "Microsoft.SCVMM/vmmservers/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read clouds", - "displayName": "Gets/List clouds resources", - "name": "Microsoft.SCVMM/clouds/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes clouds", - "displayName": "Create/update clouds resources", - "name": "Microsoft.SCVMM/clouds/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes clouds", - "displayName": "Deletes clouds resource", - "name": "Microsoft.SCVMM/clouds/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deploy on resource pool.", - "displayName": "Deploy on resource pool.", - "name": "Microsoft.SCVMM/clouds/deploy/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, { "description": "Deletes virtualmachines", "displayName": "Deletes virtualmachines resource", @@ -969877,139 +969548,6 @@ "providerDisplayName": "Microsoft.SCVMM", "providerName": "Microsoft.SCVMM" }, - { - "description": "Read virtualmachinetemplates", - "displayName": "Gets/List virtualmachinetemplates resources", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes virtualmachinetemplates", - "displayName": "Create/update virtualmachinetemplates resources", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes virtualmachinetemplates", - "displayName": "Deletes virtualmachinetemplates resource", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Clones virtualmachinetemplates", - "displayName": "Clones virtualmachinetemplates resource", - "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read virtualnetworks", - "displayName": "Gets/List virtualnetworks resources", - "name": "Microsoft.SCVMM/virtualnetworks/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes virtualnetworks", - "displayName": "Create/update virtualnetworks resources", - "name": "Microsoft.SCVMM/virtualnetworks/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes virtualnetworks", - "displayName": "Deletes virtualnetworks resource", - "name": "Microsoft.SCVMM/virtualnetworks/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Join virtual network.", - "displayName": "Join virtual network.", - "name": "Microsoft.SCVMM/virtualnetworks/join/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read availabilitySets", - "displayName": "Gets/List availabilitySets resources", - "name": "Microsoft.SCVMM/availabilitySets/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes availabilitySets", - "displayName": "Create/update availabilitySets resources", - "name": "Microsoft.SCVMM/availabilitySets/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes availabilitySets", - "displayName": "Deletes availabilitySets resource", - "name": "Microsoft.SCVMM/availabilitySets/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes vmmserver inventoryitems", - "displayName": "Deletes vmmservers inventoryitems resource", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read vmmserver inventoryitems", - "displayName": "Gets/List vmmservers inventoryitems resources", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes vmmservers inventoryitems", - "displayName": "Create/update vmmservers inventoryitems resources", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Onboards vmmservers inventoryitems", - "displayName": "Onboards vmmservers inventoryitems resources", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/onboard/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read operationstatus.", - "displayName": "Read operationstatus.", - "name": "Microsoft.SCVMM/locations/operationstatuses/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Write operationstatus.", - "displayName": "Write operationstatus.", - "name": "Microsoft.SCVMM/locations/operationstatuses/write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read operations.", - "displayName": "Read operations.", - "name": "Microsoft.SCVMM/operations/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Get skus.", - "displayName": "Get skus.", - "name": "Microsoft.SCVMM/skus/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, { "description": "Retrieves information about a virtual machine instance.", "displayName": "VirtualMachineInstances_Get", @@ -970680,7 +970218,8 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ScVmm/*", + "microsoft.scvmm/virtualmachines/*", + "microsoft.scvmm/virtualMachineInstances/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -970747,32 +970286,11 @@ ] }, { - "description": "Azure Arc ScVmm Private Clouds Onboarding role has permissions to provision all the required resources for onboard and deboard vmm server instances to Azure.", + "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm Private Clouds Onboarding", + "name": "Azure Arc ScVmm Private Cloud User", "permittedActions": [ - { - "description": "Read vmmservers", - "displayName": "Gets/List vmmservers resources", - "name": "Microsoft.SCVMM/vmmservers/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes vmmservers", - "displayName": "Create/update vmmservers resources", - "name": "Microsoft.SCVMM/vmmservers/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes vmmservers", - "displayName": "Deletes vmmservers resource", - "name": "Microsoft.SCVMM/vmmservers/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, { "description": "Create or update a classic metric alert", "displayName": "Create or update classic metric alert", @@ -971130,6 +970648,48 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Join virtual network.", + "displayName": "Join virtual network.", + "name": "Microsoft.SCVMM/virtualnetworks/join/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read virtualnetworks", + "displayName": "Gets/List virtualnetworks resources", + "name": "Microsoft.SCVMM/virtualnetworks/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Clones virtualmachinetemplates", + "displayName": "Clones virtualmachinetemplates resource", + "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read virtualmachinetemplates", + "displayName": "Gets/List virtualmachinetemplates resources", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deploy on resource pool.", + "displayName": "Deploy on resource pool.", + "name": "Microsoft.SCVMM/clouds/deploy/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read clouds", + "displayName": "Gets/List clouds resources", + "name": "Microsoft.SCVMM/clouds/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, { "description": "Gets an Custom Location resource", "displayName": "Get Custom Location", @@ -971143,15 +970703,19 @@ "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", "providerDisplayName": "Microsoft.ExtendedLocation", "providerName": "Microsoft.ExtendedLocation" + }, + { + "description": "Gets EnabledResourceTypes for a Custom Location resource", + "displayName": "Get EnabledResourceTypes for Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "microsoft.scvmm/vmmservers/Read", - "microsoft.scvmm/vmmservers/Write", - "microsoft.scvmm/vmmservers/Delete", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -971177,8 +970741,15 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", + "microsoft.scvmm/virtualnetworks/join/action", + "microsoft.scvmm/virtualnetworks/Read", + "microsoft.scvmm/virtualmachinetemplates/clone/action", + "microsoft.scvmm/virtualmachinetemplates/Read", + "microsoft.scvmm/clouds/deploy/action", + "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action" + "Microsoft.ExtendedLocation/customLocations/deploy/action", + "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" ], "condition": null, "conditionVersion": null, @@ -971189,11 +970760,305 @@ ] }, { - "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", + "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm Private Cloud User", + "name": "Azure Arc ScVmm Administrator role", "permittedActions": [ + { + "description": "unregister RP.", + "displayName": "unregister RP.", + "name": "Microsoft.SCVMM/unregister/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "register RP.", + "displayName": "register RP.", + "name": "Microsoft.SCVMM/register/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read vmmservers", + "displayName": "Gets/List vmmservers resources", + "name": "Microsoft.SCVMM/vmmservers/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes vmmservers", + "displayName": "Create/update vmmservers resources", + "name": "Microsoft.SCVMM/vmmservers/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes vmmservers", + "displayName": "Deletes vmmservers resource", + "name": "Microsoft.SCVMM/vmmservers/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read clouds", + "displayName": "Gets/List clouds resources", + "name": "Microsoft.SCVMM/clouds/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes clouds", + "displayName": "Create/update clouds resources", + "name": "Microsoft.SCVMM/clouds/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes clouds", + "displayName": "Deletes clouds resource", + "name": "Microsoft.SCVMM/clouds/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deploy on resource pool.", + "displayName": "Deploy on resource pool.", + "name": "Microsoft.SCVMM/clouds/deploy/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes virtualmachines", + "displayName": "Deletes virtualmachines resource", + "name": "Microsoft.SCVMM/virtualmachines/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read virtualmachinetemplates", + "displayName": "Gets/List virtualmachinetemplates resources", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes virtualmachinetemplates", + "displayName": "Create/update virtualmachinetemplates resources", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes virtualmachinetemplates", + "displayName": "Deletes virtualmachinetemplates resource", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Clones virtualmachinetemplates", + "displayName": "Clones virtualmachinetemplates resource", + "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read virtualnetworks", + "displayName": "Gets/List virtualnetworks resources", + "name": "Microsoft.SCVMM/virtualnetworks/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes virtualnetworks", + "displayName": "Create/update virtualnetworks resources", + "name": "Microsoft.SCVMM/virtualnetworks/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes virtualnetworks", + "displayName": "Deletes virtualnetworks resource", + "name": "Microsoft.SCVMM/virtualnetworks/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Join virtual network.", + "displayName": "Join virtual network.", + "name": "Microsoft.SCVMM/virtualnetworks/join/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read availabilitySets", + "displayName": "Gets/List availabilitySets resources", + "name": "Microsoft.SCVMM/availabilitySets/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes availabilitySets", + "displayName": "Create/update availabilitySets resources", + "name": "Microsoft.SCVMM/availabilitySets/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes availabilitySets", + "displayName": "Deletes availabilitySets resource", + "name": "Microsoft.SCVMM/availabilitySets/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes vmmserver inventoryitems", + "displayName": "Deletes vmmservers inventoryitems resource", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read vmmserver inventoryitems", + "displayName": "Gets/List vmmservers inventoryitems resources", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes vmmservers inventoryitems", + "displayName": "Create/update vmmservers inventoryitems resources", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Onboards vmmservers inventoryitems", + "displayName": "Onboards vmmservers inventoryitems resources", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/onboard/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read operationstatus.", + "displayName": "Read operationstatus.", + "name": "Microsoft.SCVMM/locations/operationstatuses/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Write operationstatus.", + "displayName": "Write operationstatus.", + "name": "Microsoft.SCVMM/locations/operationstatuses/write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read operations.", + "displayName": "Read operations.", + "name": "Microsoft.SCVMM/operations/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Get skus.", + "displayName": "Get skus.", + "name": "Microsoft.SCVMM/skus/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Retrieves information about a virtual machine instance.", + "displayName": "VirtualMachineInstances_Get", + "name": "Microsoft.SCVMM/virtualMachineInstances/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to create or update a virtual machine instance. Please note some properties can be set only during virtual machine instance creation.", + "displayName": "VirtualMachineInstances_CreateOrUpdate", + "name": "Microsoft.SCVMM/virtualMachineInstances/write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to delete a virtual machine instance.", + "displayName": "VirtualMachineInstances_Delete", + "name": "Microsoft.SCVMM/virtualMachineInstances/delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to power off (stop) a virtual machine instance.", + "displayName": "VirtualMachineInstances_Stop", + "name": "Microsoft.SCVMM/virtualMachineInstances/stop/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to start a virtual machine instance.", + "displayName": "VirtualMachineInstances_Start", + "name": "Microsoft.SCVMM/virtualMachineInstances/start/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to restart a virtual machine instance.", + "displayName": "VirtualMachineInstances_Restart", + "name": "Microsoft.SCVMM/virtualMachineInstances/restart/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Creates a checkpoint in virtual machine instance.", + "displayName": "VirtualMachineInstances_CreateCheckpoint", + "name": "Microsoft.SCVMM/virtualMachineInstances/createCheckpoint/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes a checkpoint in virtual machine instance.", + "displayName": "VirtualMachineInstances_DeleteCheckpoint", + "name": "Microsoft.SCVMM/virtualMachineInstances/deleteCheckpoint/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Restores to a checkpoint in virtual machine instance.", + "displayName": "VirtualMachineInstances_RestoreCheckpoint", + "name": "Microsoft.SCVMM/virtualMachineInstances/restoreCheckpoint/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Implements HybridIdentityMetadata GET method.", + "displayName": "VirtualMachineInstanceHybridIdentityMetadata_Get", + "name": "Microsoft.SCVMM/virtualMachineInstances/hybridIdentityMetadata/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Implements GuestAgent GET method.", + "displayName": "VMInstanceGuestAgents_Get", + "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Create Or Update GuestAgent.", + "displayName": "VMInstanceGuestAgents_Create", + "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Implements GuestAgent DELETE method.", + "displayName": "VMInstanceGuestAgents_Delete", + "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, { "description": "Create or update a classic metric alert", "displayName": "Create or update classic metric alert", @@ -971552,73 +971417,228 @@ "providerName": "Microsoft.Resources" }, { - "description": "Join virtual network.", - "displayName": "Join virtual network.", - "name": "Microsoft.SCVMM/virtualnetworks/join/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Gets an Custom Location resource", + "displayName": "Get Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" }, { - "description": "Read virtualnetworks", - "displayName": "Gets/List virtualnetworks resources", - "name": "Microsoft.SCVMM/virtualnetworks/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Deploy permissions to a Custom Location resource", + "displayName": "Deploy permissions to Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" }, { - "description": "Clones virtualmachinetemplates", - "displayName": "Clones virtualmachinetemplates resource", - "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Read any Azure Arc machines", + "displayName": "Read Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Read virtualmachinetemplates", - "displayName": "Gets/List virtualmachinetemplates resources", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Writes an Azure Arc machines", + "displayName": "Write Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploy on resource pool.", - "displayName": "Deploy on resource pool.", - "name": "Microsoft.SCVMM/clouds/deploy/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Deletes an Azure Arc machines", + "displayName": "Delete Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Read clouds", - "displayName": "Gets/List clouds resources", - "name": "Microsoft.SCVMM/clouds/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Upgrades Extensions on Azure Arc machines", + "displayName": "Upgrade Extensions on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets an Custom Location resource", - "displayName": "Get Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" + "description": "Assesses any Azure Arc machines to get missing software patches", + "displayName": "Assess Azure Arc machines to get missing software patches", + "name": "Microsoft.HybridCompute/machines/assessPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploy permissions to a Custom Location resource", - "displayName": "Deploy permissions to Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" + "description": "Installs patches on any Azure Arc machines", + "displayName": "Install patches on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/installPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets EnabledResourceTypes for a Custom Location resource", - "displayName": "Get EnabledResourceTypes for Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" + "description": "Reads any Azure Arc extensions", + "displayName": "Read Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc extensions", + "displayName": "Install or Update an Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc extensions", + "displayName": "Delete Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Operations for Azure Arc for Servers", + "displayName": "Read all Operations", + "name": "Microsoft.HybridCompute/operations/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationresults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationstatus/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults", + "displayName": "Read Azure Arc patchAssessmentResults", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", + "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults", + "displayName": "Read Azure Arc patchInstallationResults", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", + "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an update center operation on machines", + "displayName": "Read Update Center Operation Results", + "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read any Azure Arc machines's Hybrid Identity Metadata", + "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", + "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Azure Connected Machine Agent versions available", + "displayName": "Read all Azure Connected Machine Agent versions available", + "name": "Microsoft.HybridCompute/osType/agentVersions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read the latest Azure Connected Machine Agent version", + "displayName": "Read the latest Azure Connected Machine Agent version", + "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc runcommands", + "displayName": "Read Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc runcommands", + "displayName": "Install or Update an Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc runcommands", + "displayName": "Delete Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenseProfiles", + "displayName": "Read Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenseProfiles", + "displayName": "Install or Update an Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenseProfiles", + "displayName": "Delete Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenses", + "displayName": "Read Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenses", + "displayName": "Install or Update an Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenses", + "displayName": "Delete Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.ScVmm/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -971644,15 +971664,37 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", - "microsoft.scvmm/virtualnetworks/join/action", - "microsoft.scvmm/virtualnetworks/Read", - "microsoft.scvmm/virtualmachinetemplates/clone/action", - "microsoft.scvmm/virtualmachinetemplates/Read", - "microsoft.scvmm/clouds/deploy/action", - "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete" ], "condition": null, "conditionVersion": null, @@ -971663,10 +971705,10 @@ ] }, { - "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", + "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", "hasExternal": false, "hasUnknown": false, - "name": "HDInsight on AKS Cluster Pool Admin", + "name": "HDInsight on AKS Cluster Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -971872,44 +971914,86 @@ "providerName": "Microsoft.HDInsight" }, { - "description": "Delete a HDInsight on AKS Cluster Pool", - "displayName": "Delete Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/delete", + "description": "Delete a HDInsight on AKS cluster", + "displayName": "Delete HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/delete", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Get details about HDInsight on AKS Cluster Pool", - "displayName": "Read Cluster Pool Details", - "name": "Microsoft.HDInsight/clusterPools/read", + "description": "Resize a HDInsight on AKS Cluster", + "displayName": "Resize HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/resize/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Create or Update HDInsight on AKS Cluster Pool", - "displayName": "Create or Update Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/write", + "description": "Get details about HDInsight on AKS Cluster Instance View", + "displayName": "Read Instance View Details", + "name": "Microsoft.HDInsight/clusterPools/clusters/instanceviews/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", - "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/availableupgrades/read", + "description": "List HDInsight on AKS Cluster Jobs", + "displayName": "List HDInsight on AKS Cluster Jobs", + "name": "Microsoft.HDInsight/clusterPools/clusters/jobs/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Upgrade HDInsight on AKS Cluster Pool", - "displayName": "Upgrade HDInsight on AKS Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/upgrade/action", + "description": "Run HDInsight on AKS Cluster Job", + "displayName": "Run HDInsight on AKS Cluster Job", + "name": "Microsoft.HDInsight/clusterPools/clusters/runjob/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Read HDInsight on AKS Cluster Pool Upgrade Histories", - "displayName": "Read HDInsight on AKS Cluster Pool Upgrade Histories", - "name": "Microsoft.HDInsight/clusterPools/upgradehistories/read", + "description": "Get details about HDInsight on AKS Cluster Service Configurations", + "displayName": "Read Service Configurations Details", + "name": "Microsoft.HDInsight/clusterPools/clusters/serviceconfigs/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster", + "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Upgrade HDInsight on AKS Cluster", + "displayName": "Upgrade HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Rollback HDInsight on AKS Cluster Upgrade", + "displayName": "Rollback HDInsight on AKS Cluster Upgrade", + "name": "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Read HDInsight on AKS Cluster Upgrade Histories", + "displayName": "Read HDInsight on AKS Cluster Upgrade Histories", + "name": "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Read HDInsight on AKS Cluster Libaries", + "displayName": "Read HDInsight on AKS Cluster Libraries", + "name": "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Manage HDInsight on AKS Cluster Libaries", + "displayName": "Manage HDInsight on AKS Cluster Libraries", + "name": "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, @@ -971927,13 +972011,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -971955,6 +972032,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Creates or updates an deployment.", "displayName": "Create Deployment", @@ -971969,13 +972053,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -972075,20 +972152,25 @@ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/delete", - "Microsoft.HDInsight/clusterPools/read", - "Microsoft.HDInsight/clusterPools/write", - "Microsoft.HDInsight/clusterpools/availableupgrades/read", - "Microsoft.HDInsight/clusterpools/upgrade/action", - "Microsoft.HDInsight/clusterPools/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/delete", + "Microsoft.HDInsight/clusterPools/clusters/resize/action", + "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", + "Microsoft.HDInsight/clusterPools/clusters/jobs/read", + "Microsoft.HDInsight/clusterPools/clusters/runjob/action", + "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", + "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -972112,10 +972194,10 @@ ] }, { - "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", + "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", "hasExternal": false, "hasUnknown": false, - "name": "HDInsight on AKS Cluster Admin", + "name": "HDInsight on AKS Cluster Pool Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -972321,86 +972403,44 @@ "providerName": "Microsoft.HDInsight" }, { - "description": "Delete a HDInsight on AKS cluster", - "displayName": "Delete HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/delete", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Resize a HDInsight on AKS Cluster", - "displayName": "Resize HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/resize/action", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Get details about HDInsight on AKS Cluster Instance View", - "displayName": "Read Instance View Details", - "name": "Microsoft.HDInsight/clusterPools/clusters/instanceviews/read", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "List HDInsight on AKS Cluster Jobs", - "displayName": "List HDInsight on AKS Cluster Jobs", - "name": "Microsoft.HDInsight/clusterPools/clusters/jobs/read", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Run HDInsight on AKS Cluster Job", - "displayName": "Run HDInsight on AKS Cluster Job", - "name": "Microsoft.HDInsight/clusterPools/clusters/runjob/action", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Get details about HDInsight on AKS Cluster Service Configurations", - "displayName": "Read Service Configurations Details", - "name": "Microsoft.HDInsight/clusterPools/clusters/serviceconfigs/read", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster", - "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "description": "Delete a HDInsight on AKS Cluster Pool", + "displayName": "Delete Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/delete", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Upgrade HDInsight on AKS Cluster", - "displayName": "Upgrade HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "description": "Get details about HDInsight on AKS Cluster Pool", + "displayName": "Read Cluster Pool Details", + "name": "Microsoft.HDInsight/clusterPools/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Rollback HDInsight on AKS Cluster Upgrade", - "displayName": "Rollback HDInsight on AKS Cluster Upgrade", - "name": "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "description": "Create or Update HDInsight on AKS Cluster Pool", + "displayName": "Create or Update Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/write", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Read HDInsight on AKS Cluster Upgrade Histories", - "displayName": "Read HDInsight on AKS Cluster Upgrade Histories", - "name": "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", + "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/availableupgrades/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Read HDInsight on AKS Cluster Libaries", - "displayName": "Read HDInsight on AKS Cluster Libraries", - "name": "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "description": "Upgrade HDInsight on AKS Cluster Pool", + "displayName": "Upgrade HDInsight on AKS Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/upgrade/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Manage HDInsight on AKS Cluster Libaries", - "displayName": "Manage HDInsight on AKS Cluster Libraries", - "name": "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", + "description": "Read HDInsight on AKS Cluster Pool Upgrade Histories", + "displayName": "Read HDInsight on AKS Cluster Pool Upgrade Histories", + "name": "Microsoft.HDInsight/clusterPools/upgradehistories/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, @@ -972418,6 +972458,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -972439,13 +972486,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Creates or updates an deployment.", "displayName": "Create Deployment", @@ -972460,6 +972500,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -972559,25 +972606,20 @@ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/clusters/delete", - "Microsoft.HDInsight/clusterPools/clusters/resize/action", - "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", - "Microsoft.HDInsight/clusterPools/clusters/jobs/read", - "Microsoft.HDInsight/clusterPools/clusters/runjob/action", - "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", - "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", - "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", - "Microsoft.HDInsight/clusterPools/clusters/rollback/action", - "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", - "Microsoft.HDInsight/clusterPools/clusters/libraries/read", - "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", + "Microsoft.HDInsight/clusterPools/delete", + "Microsoft.HDInsight/clusterPools/read", + "Microsoft.HDInsight/clusterPools/write", + "Microsoft.HDInsight/clusterpools/availableupgrades/read", + "Microsoft.HDInsight/clusterpools/upgrade/action", + "Microsoft.HDInsight/clusterPools/upgradehistories/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -975736,10 +975778,10 @@ ] }, { - "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.\u00a0 Applying this role at cluster scope will give access across all namespaces.", + "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Writer", + "name": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -975967,6 +976009,111 @@ } ], "permittedDataActions": [ + { + "description": "Reads initializerconfigurations", + "displayName": "Gets/List initializerconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes initializerconfigurations", + "displayName": "Creates/Updates initializerconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes/DeletesCollection initializerconfigurations resource", + "displayName": "Initializerconfigurations", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads mutatingwebhookconfigurations", + "displayName": "Gets/List mutatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes mutatingwebhookconfigurations", + "displayName": "Creates/Updates mutatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes mutatingwebhookconfigurations", + "displayName": "Deletes/DeletesCollection mutatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads validatingwebhookconfigurations", + "displayName": "Gets/List validatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes validatingwebhookconfigurations", + "displayName": "Creates/Updates validatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes validatingwebhookconfigurations", + "displayName": "Deletes/DeletesCollection validatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads customresourcedefinitions", + "displayName": "Gets/List customresourcedefinitions resource", + "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes customresourcedefinitions", + "displayName": "Creates/Updates customresourcedefinitions resource", + "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes customresourcedefinitions", + "displayName": "Deletes/DeletesCollection customresourcedefinitions resource", + "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads apiservices", + "displayName": "Gets/List apiservices resource", + "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes apiservices", + "displayName": "Creates/Updates apiservices resource", + "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes apiservices", + "displayName": "Deletes/DeletesCollection apiservices resource", + "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads controllerrevisions", "displayName": "Gets/List controllerrevisions resource", @@ -975974,6 +976121,20 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Writes controllerrevisions", + "displayName": "Creates/Updates controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes controllerrevisions", + "displayName": "Deletes/DeletesCollection controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads daemonsets", "displayName": "Gets/List daemonsets resource", @@ -976037,6 +976198,41 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Writes tokenreviews", + "displayName": "Creates/Updates tokenreviews resource", + "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/tokenreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes localsubjectaccessreviews", + "displayName": "Creates/Updates localsubjectaccessreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes selfsubjectaccessreviews", + "displayName": "Creates/Updates selfsubjectaccessreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectaccessreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes selfsubjectrulesreviews", + "displayName": "Creates/Updates selfsubjectrulesreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectrulesreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes subjectaccessreviews", + "displayName": "Creates/Updates subjectaccessreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/subjectaccessreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads horizontalpodautoscalers", "displayName": "Gets/List horizontalpodautoscalers resource", @@ -976100,6 +976296,76 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Reads certificatesigningrequests", + "displayName": "Gets/List certificatesigningrequests resource", + "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes certificatesigningrequests", + "displayName": "Creates/Updates certificatesigningrequests resource", + "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes certificatesigningrequests", + "displayName": "Deletes/DeletesCollection certificatesigningrequests resource", + "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads leases", + "displayName": "Gets/List leases resource", + "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes leases", + "displayName": "Creates/Updates leases resource", + "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes leases", + "displayName": "Deletes/DeletesCollection leases resource", + "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes bindings", + "displayName": "Creates/Updates bindings resource", + "name": "Microsoft.ContainerService/fleets/bindings/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads componentstatuses", + "displayName": "Gets/List componentstatuses resource", + "name": "Microsoft.ContainerService/fleets/componentstatuses/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes componentstatuses", + "displayName": "Creates/Updates componentstatuses resource", + "name": "Microsoft.ContainerService/fleets/componentstatuses/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes componentstatuses", + "displayName": "Deletes/DeletesCollection componentstatuses resource", + "name": "Microsoft.ContainerService/fleets/componentstatuses/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads configmaps", "displayName": "Gets/List configmaps resource", @@ -976145,14 +976411,280 @@ { "description": "Reads events", "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "name": "Microsoft.ContainerService/fleets/events/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes events", + "displayName": "Creates/Updates events resource", + "name": "Microsoft.ContainerService/fleets/events/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes events", + "displayName": "Deletes/DeletesCollection events resource", + "name": "Microsoft.ContainerService/fleets/events/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads limitranges", + "displayName": "Gets/List limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes limitranges", + "displayName": "Creates/Updates limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes limitranges", + "displayName": "Deletes/DeletesCollection limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads namespaces", + "displayName": "Gets/List namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes namespaces", + "displayName": "Creates/Updates namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes namespaces", + "displayName": "Deletes/DeletesCollection namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads nodes", + "displayName": "Gets/List nodes resource", + "name": "Microsoft.ContainerService/fleets/nodes/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes nodes", + "displayName": "Creates/Updates nodes resource", + "name": "Microsoft.ContainerService/fleets/nodes/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes nodes", + "displayName": "Deletes/DeletesCollection nodes resource", + "name": "Microsoft.ContainerService/fleets/nodes/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads persistentvolumeclaims", + "displayName": "Gets/List persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes persistentvolumeclaims", + "displayName": "Creates/Updates persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes persistentvolumeclaims", + "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads persistentvolumes", + "displayName": "Gets/List persistentvolumes resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumes/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes persistentvolumes", + "displayName": "Creates/Updates persistentvolumes resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumes/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes persistentvolumes", + "displayName": "Deletes/DeletesCollection persistentvolumes resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumes/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads podtemplates", + "displayName": "Gets/List podtemplates resource", + "name": "Microsoft.ContainerService/fleets/podtemplates/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes podtemplates", + "displayName": "Creates/Updates podtemplates resource", + "name": "Microsoft.ContainerService/fleets/podtemplates/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes podtemplates", + "displayName": "Deletes/DeletesCollection podtemplates resource", + "name": "Microsoft.ContainerService/fleets/podtemplates/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads resourcequotas", + "displayName": "Gets/List resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes resourcequotas", + "displayName": "Creates/Updates resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes resourcequotas", + "displayName": "Deletes/DeletesCollection resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads secrets", + "displayName": "Gets/List secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes secrets", + "displayName": "Creates/Updates secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes secrets", + "displayName": "Deletes/DeletesCollection secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads serviceaccounts", + "displayName": "Gets/List serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes serviceaccounts", + "displayName": "Creates/Updates serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes serviceaccounts", + "displayName": "Deletes/DeletesCollection serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Impersonate serviceaccounts", + "displayName": "Impersonate serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads services", + "displayName": "Gets/List services resource", + "name": "Microsoft.ContainerService/fleets/services/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes services", + "displayName": "Creates/Updates services resource", + "name": "Microsoft.ContainerService/fleets/services/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes services", + "displayName": "Deletes/DeletesCollection services resource", + "name": "Microsoft.ContainerService/fleets/services/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { "description": "Reads events", "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events/read", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes events", + "displayName": "Creates/Updates events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes events", + "displayName": "Deletes/DeletesCollection events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -976241,37 +976773,37 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads limitranges", - "displayName": "Gets/List limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/read", + "description": "Reads podsecuritypolicies", + "displayName": "Gets/List podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads namespaces", - "displayName": "Gets/List namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/read", + "description": "Writes podsecuritypolicies", + "displayName": "Creates/Updates podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "description": "Deletes podsecuritypolicies", + "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", + "description": "Reads pods", + "displayName": "Gets/List pods resource", + "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/pods/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", + "description": "Reads nodes", + "displayName": "Gets/List nodes resource", + "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/nodes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -976297,799 +976829,898 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads persistentvolumeclaims", - "displayName": "Gets/List persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes persistentvolumeclaims", - "displayName": "Creates/Updates persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes persistentvolumeclaims", - "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads poddisruptionbudgets", - "displayName": "Gets/List poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", + "description": "Reads runtimeclasses", + "displayName": "Gets/List runtimeclasses resource", + "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes poddisruptionbudgets", - "displayName": "Creates/Updates poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write", + "description": "Writes runtimeclasses", + "displayName": "Creates/Updates runtimeclasses resource", + "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes poddisruptionbudgets", - "displayName": "Deletes/DeletesCollection poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/delete", + "description": "Deletes runtimeclasses", + "displayName": "Deletes/DeletesCollection runtimeclasses resource", + "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Reads api", + "displayName": "Gets/List api resource", + "name": "Microsoft.ContainerService/fleets/api/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "description": "Reads api/v1", + "displayName": "Gets/List api/v1 resource", + "name": "Microsoft.ContainerService/fleets/api/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "description": "Reads apis", + "displayName": "Gets/List apis resource", + "name": "Microsoft.ContainerService/fleets/apis/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Reads admissionregistration.k8s.io", + "displayName": "Gets/List admissionregistration.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "description": "Reads admissionregistration.k8s.io/v1", + "displayName": "Gets/List admissionregistration.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "description": "Reads admissionregistration.k8s.io/v1beta1", + "displayName": "Gets/List admissionregistration.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resourcequotas", - "displayName": "Gets/List resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/read", + "description": "Reads apiextensions.k8s.io", + "displayName": "Gets/List apiextensions.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads secrets", - "displayName": "Gets/List secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/read", + "description": "Reads apiextensions.k8s.io/v1", + "displayName": "Gets/List apiextensions.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes secrets", - "displayName": "Creates/Updates secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/write", + "description": "Reads apiextensions.k8s.io/v1beta1", + "displayName": "Gets/List apiextensions.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes secrets", - "displayName": "Deletes/DeletesCollection secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/delete", + "description": "Reads apiregistration.k8s.io", + "displayName": "Gets/List apiregistration.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads serviceaccounts", - "displayName": "Gets/List serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", + "description": "Reads apiregistration.k8s.io/v1", + "displayName": "Gets/List apiregistration.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes serviceaccounts", - "displayName": "Creates/Updates serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", + "description": "Reads apiregistration.k8s.io/v1beta1", + "displayName": "Gets/List apiregistration.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes serviceaccounts", - "displayName": "Deletes/DeletesCollection serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", + "description": "Reads apps", + "displayName": "Gets/List apps resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Impersonate serviceaccounts", - "displayName": "Impersonate serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", + "description": "Reads apps/v1", + "displayName": "Gets/List apps/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads services", - "displayName": "Gets/List services resource", - "name": "Microsoft.ContainerService/fleets/services/read", + "description": "Reads apps/v1beta1", + "displayName": "Gets/List apps/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes services", - "displayName": "Creates/Updates services resource", - "name": "Microsoft.ContainerService/fleets/services/write", + "description": "Reads apps/v1beta2", + "displayName": "Gets/List apps/v1beta2 resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta2/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes services", - "displayName": "Deletes/DeletesCollection services resource", - "name": "Microsoft.ContainerService/fleets/services/delete", + "description": "Reads authentication.k8s.io", + "displayName": "Gets/List authentication.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "rawPermissions": [ + }, { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/*", - "Microsoft.ContainerService/fleets/apps/deployments/*", - "Microsoft.ContainerService/fleets/apps/statefulsets/*", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", - "Microsoft.ContainerService/fleets/batch/cronjobs/*", - "Microsoft.ContainerService/fleets/batch/jobs/*", - "Microsoft.ContainerService/fleets/configmaps/*", - "Microsoft.ContainerService/fleets/endpoints/*", - "Microsoft.ContainerService/fleets/events.k8s.io/events/read", - "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/*", - "Microsoft.ContainerService/fleets/extensions/deployments/*", - "Microsoft.ContainerService/fleets/extensions/ingresses/*", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", - "Microsoft.ContainerService/fleets/limitranges/read", - "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/secrets/*", - "Microsoft.ContainerService/fleets/serviceaccounts/*", - "Microsoft.ContainerService/fleets/services/*" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Admin", - "permittedActions": [ + "description": "Reads authentication.k8s.io/v1", + "displayName": "Gets/List authentication.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authentication.k8s.io/v1beta1", + "displayName": "Gets/List authentication.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authorization.k8s.io", + "displayName": "Gets/List authorization.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authorization.k8s.io/v1", + "displayName": "Gets/List authorization.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authorization.k8s.io/v1beta1", + "displayName": "Gets/List authorization.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoscaling", + "displayName": "Gets/List autoscaling resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoscaling/v1", + "displayName": "Gets/List autoscaling/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoscaling/v2beta1", + "displayName": "Gets/List autoscaling/v2beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoscaling/v2beta2", + "displayName": "Gets/List autoscaling/v2beta2 resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta2/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads batch", + "displayName": "Gets/List batch resource", + "name": "Microsoft.ContainerService/fleets/apis/batch/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads batch/v1", + "displayName": "Gets/List batch/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/batch/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads batch/v1beta1", + "displayName": "Gets/List batch/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/batch/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads certificates.k8s.io", + "displayName": "Gets/List certificates.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads certificates.k8s.io/v1beta1", + "displayName": "Gets/List certificates.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads coordination.k8s.io", + "displayName": "Gets/List coordination.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads coordination/v1", + "displayName": "Gets/List coordination/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads coordination.k8s.io/v1beta1", + "displayName": "Gets/List coordination.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads events.k8s.io", + "displayName": "Gets/List events.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads events.k8s.io/v1beta1", + "displayName": "Gets/List events.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads extensions", + "displayName": "Gets/List extensions resource", + "name": "Microsoft.ContainerService/fleets/apis/extensions/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads extensions/v1beta1", + "displayName": "Gets/List extensions/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/extensions/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads metrics.k8s.io", + "displayName": "Gets/List metrics.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads metrics.k8s.io/v1beta1", + "displayName": "Gets/List metrics.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads networking.k8s.io", + "displayName": "Gets/List networking.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads networking/v1", + "displayName": "Gets/List networking/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads networking.k8s.io/v1beta1", + "displayName": "Gets/List networking.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads node.k8s.io", + "displayName": "Gets/List node.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads node.k8s.io/v1beta1", + "displayName": "Gets/List node.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads policy", + "displayName": "Gets/List policy resource", + "name": "Microsoft.ContainerService/fleets/apis/policy/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads policy/v1beta1", + "displayName": "Gets/List policy/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/policy/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads rbac.authorization.k8s.io", + "displayName": "Gets/List rbac.authorization.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get fleet", - "displayName": "Get fleet", - "name": "Microsoft.ContainerService/fleets/read", + "description": "Reads rbac.authorization/v1", + "displayName": "Gets/List rbac.authorization/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "List fleet credentials", - "displayName": "List fleet credentials", - "name": "Microsoft.ContainerService/fleets/listCredentials/action", + "description": "Reads rbac.authorization.k8s.io/v1beta1", + "displayName": "Gets/List rbac.authorization.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "permittedDataActions": [ + }, { - "description": "Reads controllerrevisions", - "displayName": "Gets/List controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "description": "Reads scheduling.k8s.io", + "displayName": "Gets/List scheduling.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", + "description": "Reads scheduling/v1", + "displayName": "Gets/List scheduling/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", + "description": "Reads scheduling.k8s.io/v1beta1", + "displayName": "Gets/List scheduling.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", + "description": "Reads storage.k8s.io", + "displayName": "Gets/List storage.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/read", + "description": "Reads storage/v1", + "displayName": "Gets/List storage/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/write", + "description": "Reads storage.k8s.io/v1beta1", + "displayName": "Gets/List storage.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", + "description": "Reads healthz", + "displayName": "Gets/List healthz resource", + "name": "Microsoft.ContainerService/fleets/healthz/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads statefulsets", - "displayName": "Gets/List statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/read", + "description": "Reads autoregister-completion", + "displayName": "Gets/List autoregister-completion resource", + "name": "Microsoft.ContainerService/fleets/healthz/autoregister-completion/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes statefulsets", - "displayName": "Creates/Updates statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/write", + "description": "Reads etcd", + "displayName": "Gets/List etcd resource", + "name": "Microsoft.ContainerService/fleets/healthz/etcd/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes statefulsets", - "displayName": "Deletes/DeletesCollection statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/delete", + "description": "Reads log", + "displayName": "Gets/List log resource", + "name": "Microsoft.ContainerService/fleets/healthz/log/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes localsubjectaccessreviews", - "displayName": "Creates/Updates localsubjectaccessreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", + "description": "Reads ping", + "displayName": "Gets/List ping resource", + "name": "Microsoft.ContainerService/fleets/healthz/ping/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads horizontalpodautoscalers", - "displayName": "Gets/List horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", + "description": "Reads apiservice-openapi-controller", + "displayName": "Gets/List apiservice-openapi-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-openapi-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes horizontalpodautoscalers", - "displayName": "Creates/Updates horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write", + "description": "Reads apiservice-registration-controller", + "displayName": "Gets/List apiservice-registration-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-registration-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes horizontalpodautoscalers", - "displayName": "Deletes/DeletesCollection horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/delete", + "description": "Reads apiservice-status-available-controller", + "displayName": "Gets/List apiservice-status-available-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-status-available-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads cronjobs", - "displayName": "Gets/List cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/read", + "description": "Reads bootstrap-controller", + "displayName": "Gets/List bootstrap-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/bootstrap-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes cronjobs", - "displayName": "Creates/Updates cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/write", + "description": "Reads ca-registration", + "displayName": "Gets/List ca-registration resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/ca-registration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes cronjobs", - "displayName": "Deletes/DeletesCollection cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/delete", + "description": "Reads crd-informer-synced", + "displayName": "Gets/List crd-informer-synced resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/crd-informer-synced/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads jobs", - "displayName": "Gets/List jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/read", + "description": "Reads generic-apiserver-start-informers", + "displayName": "Gets/List generic-apiserver-start-informers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/generic-apiserver-start-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes jobs", - "displayName": "Creates/Updates jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/write", + "description": "Reads kube-apiserver-autoregistration", + "displayName": "Gets/List kube-apiserver-autoregistration resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/kube-apiserver-autoregistration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes jobs", - "displayName": "Deletes/DeletesCollection jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/delete", + "description": "Reads bootstrap-roles", + "displayName": "Gets/List bootstrap-roles resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/rbac/bootstrap-roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads configmaps", - "displayName": "Gets/List configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/read", + "description": "Reads bootstrap-system-priority-classes", + "displayName": "Gets/List bootstrap-system-priority-classes resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/scheduling/bootstrap-system-priority-classes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes configmaps", - "displayName": "Creates/Updates configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/write", + "description": "Reads start-apiextensions-controllers", + "displayName": "Gets/List start-apiextensions-controllers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-controllers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes configmaps", - "displayName": "Deletes/DeletesCollection configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/delete", + "description": "Reads start-apiextensions-informers", + "displayName": "Gets/List start-apiextensions-informers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads endpoints", - "displayName": "Gets/List endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/read", + "description": "Reads start-kube-aggregator-informers", + "displayName": "Gets/List start-kube-aggregator-informers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-aggregator-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes endpoints", - "displayName": "Creates/Updates endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/write", + "description": "Reads start-kube-apiserver-admission-initializer", + "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-apiserver-admission-initializer/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes endpoints", - "displayName": "Deletes/DeletesCollection endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/delete", + "description": "Reads livez", + "displayName": "Gets/List livez resource", + "name": "Microsoft.ContainerService/fleets/livez/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "description": "Reads autoregister-completion", + "displayName": "Gets/List autoregister-completion resource", + "name": "Microsoft.ContainerService/fleets/livez/autoregister-completion/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events/read", + "description": "Reads etcd", + "displayName": "Gets/List etcd resource", + "name": "Microsoft.ContainerService/fleets/livez/etcd/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "description": "Reads log", + "displayName": "Gets/List log resource", + "name": "Microsoft.ContainerService/fleets/livez/log/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", + "description": "Reads ping", + "displayName": "Gets/List ping resource", + "name": "Microsoft.ContainerService/fleets/livez/ping/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", + "description": "Reads apiservice-openapi-controller", + "displayName": "Gets/List apiservice-openapi-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-openapi-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", + "description": "Reads apiservice-registration-controller", + "displayName": "Gets/List apiservice-registration-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-registration-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", + "description": "Reads apiservice-status-available-controller", + "displayName": "Gets/List apiservice-status-available-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-status-available-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", + "description": "Reads bootstrap-controller", + "displayName": "Gets/List bootstrap-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/bootstrap-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "description": "Reads ca-registration", + "displayName": "Gets/List ca-registration resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/ca-registration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", + "description": "Reads crd-informer-synced", + "displayName": "Gets/List crd-informer-synced resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/crd-informer-synced/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", + "description": "Reads generic-apiserver-start-informers", + "displayName": "Gets/List generic-apiserver-start-informers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/generic-apiserver-start-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", + "description": "Reads kube-apiserver-autoregistration", + "displayName": "Gets/List kube-apiserver-autoregistration resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/kube-apiserver-autoregistration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", + "description": "Reads bootstrap-roles", + "displayName": "Gets/List bootstrap-roles resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/rbac/bootstrap-roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", + "description": "Reads bootstrap-system-priority-classes", + "displayName": "Gets/List bootstrap-system-priority-classes resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/scheduling/bootstrap-system-priority-classes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads limitranges", - "displayName": "Gets/List limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/read", + "description": "Reads start-apiextensions-controllers", + "displayName": "Gets/List start-apiextensions-controllers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-controllers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads namespaces", - "displayName": "Gets/List namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/read", + "description": "Reads start-apiextensions-informers", + "displayName": "Gets/List start-apiextensions-informers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "description": "Reads start-kube-aggregator-informers", + "displayName": "Gets/List start-kube-aggregator-informers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-aggregator-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", + "description": "Reads start-kube-apiserver-admission-initializer", + "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-apiserver-admission-initializer/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", + "description": "Reads logs", + "displayName": "Gets/List logs resource", + "name": "Microsoft.ContainerService/fleets/logs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "description": "Reads metrics", + "displayName": "Gets/List metrics resource", + "name": "Microsoft.ContainerService/fleets/metrics/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", + "description": "Reads v2", + "displayName": "Gets/List v2 resource", + "name": "Microsoft.ContainerService/fleets/openapi/v2/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", + "description": "Reads readyz", + "displayName": "Gets/List readyz resource", + "name": "Microsoft.ContainerService/fleets/readyz/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads persistentvolumeclaims", - "displayName": "Gets/List persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "description": "Reads autoregister-completion", + "displayName": "Gets/List autoregister-completion resource", + "name": "Microsoft.ContainerService/fleets/readyz/autoregister-completion/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes persistentvolumeclaims", - "displayName": "Creates/Updates persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", + "description": "Reads etcd", + "displayName": "Gets/List etcd resource", + "name": "Microsoft.ContainerService/fleets/readyz/etcd/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes persistentvolumeclaims", - "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", + "description": "Reads log", + "displayName": "Gets/List log resource", + "name": "Microsoft.ContainerService/fleets/readyz/log/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads ping", + "displayName": "Gets/List ping resource", + "name": "Microsoft.ContainerService/fleets/readyz/ping/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads apiservice-openapi-controller", + "displayName": "Gets/List apiservice-openapi-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-openapi-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads apiservice-registration-controller", + "displayName": "Gets/List apiservice-registration-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-registration-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads apiservice-status-available-controller", + "displayName": "Gets/List apiservice-status-available-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-status-available-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads bootstrap-controller", + "displayName": "Gets/List bootstrap-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/bootstrap-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads ca-registration", + "displayName": "Gets/List ca-registration resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/ca-registration/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads crd-informer-synced", + "displayName": "Gets/List crd-informer-synced resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/crd-informer-synced/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads generic-apiserver-start-informers", + "displayName": "Gets/List generic-apiserver-start-informers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/generic-apiserver-start-informers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads kube-apiserver-autoregistration", + "displayName": "Gets/List kube-apiserver-autoregistration resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/kube-apiserver-autoregistration/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads bootstrap-roles", + "displayName": "Gets/List bootstrap-roles resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/rbac/bootstrap-roles/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads bootstrap-system-priority-classes", + "displayName": "Gets/List bootstrap-system-priority-classes resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads start-apiextensions-controllers", + "displayName": "Gets/List start-apiextensions-controllers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-controllers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads start-apiextensions-informers", + "displayName": "Gets/List start-apiextensions-informers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-informers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads start-kube-aggregator-informers", + "displayName": "Gets/List start-kube-aggregator-informers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-aggregator-informers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads start-kube-apiserver-admission-initializer", + "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-apiserver-admission-initializer/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads shutdown", + "displayName": "Gets/List shutdown resource", + "name": "Microsoft.ContainerService/fleets/readyz/shutdown/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads resetMetrics", + "displayName": "Gets/List resetMetrics resource", + "name": "Microsoft.ContainerService/fleets/resetMetrics/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads swagger-ui", + "displayName": "Gets/List swagger-ui resource", + "name": "Microsoft.ContainerService/fleets/swagger-ui/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads swagger-api", + "displayName": "Gets/List swagger-api resource", + "name": "Microsoft.ContainerService/fleets/swagger-api/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads ui", + "displayName": "Gets/List ui resource", + "name": "Microsoft.ContainerService/fleets/ui/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads version", + "displayName": "Gets/List version resource", + "name": "Microsoft.ContainerService/fleets/version/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -977114,6 +977745,90 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Reads podsecuritypolicies", + "displayName": "Gets/List podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes podsecuritypolicies", + "displayName": "Creates/Updates podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes podsecuritypolicies", + "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Use action on podsecuritypolicies", + "displayName": "Use podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/use/action", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads clusterrolebindings", + "displayName": "Gets/List clusterrolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes clusterrolebindings", + "displayName": "Creates/Updates clusterrolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes clusterrolebindings", + "displayName": "Deletes/DeletesCollection clusterrolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads clusterroles", + "displayName": "Gets/List clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes clusterroles", + "displayName": "Creates/Updates clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes clusterroles", + "displayName": "Deletes/DeletesCollection clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Binds clusterroles", + "displayName": "Bind clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/bind/action", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Escalates", + "displayName": "Escalate clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/escalate/action", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads rolebindings", "displayName": "Gets/List rolebindings resource", @@ -977171,380 +977886,378 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Reads priorityclasses", + "displayName": "Gets/List priorityclasses resource", + "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "description": "Writes priorityclasses", + "displayName": "Creates/Updates priorityclasses resource", + "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "description": "Deletes priorityclasses", + "displayName": "Deletes/DeletesCollection priorityclasses resource", + "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Impersonate users", + "displayName": "Impersonate users resource", + "name": "Microsoft.ContainerService/fleets/users/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "description": "Impersonate groups", + "displayName": "Impersonate groups resource", + "name": "Microsoft.ContainerService/fleets/groups/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "description": "Impersonate userextras", + "displayName": "Impersonate userextras resource", + "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/userextras/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resourcequotas", - "displayName": "Gets/List resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/read", + "description": "Reads storageclasses", + "displayName": "Gets/List storageclasses resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads secrets", - "displayName": "Gets/List secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/read", + "description": "Writes storageclasses", + "displayName": "Creates/Updates storageclasses resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes secrets", - "displayName": "Creates/Updates secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/write", + "description": "Deletes storageclasses", + "displayName": "Deletes/DeletesCollection storageclasses resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes secrets", - "displayName": "Deletes/DeletesCollection secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/delete", + "description": "Reads volumeattachments", + "displayName": "Gets/List volumeattachments resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads serviceaccounts", - "displayName": "Gets/List serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", + "description": "Writes volumeattachments", + "displayName": "Creates/Updates volumeattachments resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes serviceaccounts", - "displayName": "Creates/Updates serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", + "description": "Deletes volumeattachments", + "displayName": "Deletes/DeletesCollection volumeattachments resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes serviceaccounts", - "displayName": "Deletes/DeletesCollection serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", + "description": "Reads csidrivers", + "displayName": "Gets/List csidrivers resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Impersonate serviceaccounts", - "displayName": "Impersonate serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", + "description": "Writes csidrivers", + "displayName": "Creates/Updates csidrivers resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads services", - "displayName": "Gets/List services resource", - "name": "Microsoft.ContainerService/fleets/services/read", + "description": "Deletes csidrivers", + "displayName": "Deletes/DeletesCollection csidrivers resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes services", - "displayName": "Creates/Updates services resource", - "name": "Microsoft.ContainerService/fleets/services/write", + "description": "Reads csinodes", + "displayName": "Gets/List csinodes resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes services", - "displayName": "Deletes/DeletesCollection services resource", - "name": "Microsoft.ContainerService/fleets/services/delete", + "description": "Writes csinodes", + "displayName": "Creates/Updates csinodes resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "rawPermissions": [ + }, { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/*", - "Microsoft.ContainerService/fleets/apps/deployments/*", - "Microsoft.ContainerService/fleets/apps/statefulsets/*", - "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", - "Microsoft.ContainerService/fleets/batch/cronjobs/*", - "Microsoft.ContainerService/fleets/batch/jobs/*", - "Microsoft.ContainerService/fleets/configmaps/*", - "Microsoft.ContainerService/fleets/endpoints/*", - "Microsoft.ContainerService/fleets/events.k8s.io/events/read", - "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/*", - "Microsoft.ContainerService/fleets/extensions/deployments/*", - "Microsoft.ContainerService/fleets/extensions/ingresses/*", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", - "Microsoft.ContainerService/fleets/limitranges/read", - "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", - "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*", - "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/secrets/*", - "Microsoft.ContainerService/fleets/serviceaccounts/*", - "Microsoft.ContainerService/fleets/services/*" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager Contributor Role", - "permittedActions": [ + "description": "Deletes csinodes", + "displayName": "Deletes/DeletesCollection csinodes resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { - "description": "Get fleet", - "displayName": "Get fleet", - "name": "Microsoft.ContainerService/fleets/read", + "description": "Read fleet membercluster resource", + "displayName": "Get/List fleet membercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet", - "displayName": "Create or Update a fleet", - "name": "Microsoft.ContainerService/fleets/write", + "description": "Write fleet membercluster resource", + "displayName": "Create/Update fleet membercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet", - "displayName": "Delete a fleet", - "name": "Microsoft.ContainerService/fleets/delete", + "description": "Delete fleet membercluster resource", + "displayName": "Delete fleet membercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "List fleet credentials", - "displayName": "List fleet credentials", - "name": "Microsoft.ContainerService/fleets/listCredentials/action", + "description": "Read fleet internalmembercluster resource", + "displayName": "Get/List fleet internalmembercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet member", - "displayName": "Get a fleet member", - "name": "Microsoft.ContainerService/fleets/members/read", + "description": "Write fleet internalmembercluster resource", + "displayName": "Create/Update fleet internalmembercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet member", - "displayName": "Create or Update a fleet member", - "name": "Microsoft.ContainerService/fleets/members/write", + "description": "Delete fleet internalmembercluster resource", + "displayName": "Delete fleet internalmembercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet member", - "displayName": "Delete a fleet member", - "name": "Microsoft.ContainerService/fleets/members/delete", + "description": "Read fleet clusterresourceplacement resource", + "displayName": "Gets/List fleet clusterresourceplacement resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet update run", - "displayName": "Get a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/read", + "description": "Write fleet clusterresourceplacement resource", + "displayName": "Create/Update fleet clusterresourceplacement resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet update run", - "displayName": "Create or Update a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/write", + "description": "Delete fleet clusterresourceplacement resource", + "displayName": "Delete fleet clusterresourceplacement resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet update run", - "displayName": "Delete a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/delete", + "description": "Read fleet clusterresourcebinding resource", + "displayName": "Gets/List fleet clusterresourcebinding resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Starts a fleet update run", - "displayName": "Starts a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/start/action", + "description": "Create/Update fleet clusterresourcebinding resource", + "displayName": "Create/Update fleet clusterresourcebinding resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Stops a fleet update run", - "displayName": "Stops a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/stop/action", + "description": "Delete fleet clusterresourcebinding resource", + "displayName": "Delete fleet clusterresourcebinding resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet update strategy", - "displayName": "Get a fleet update strategy", - "name": "Microsoft.ContainerService/fleets/updateStrategies/read", + "description": "Read fleet clusterresourcesnapshot resource", + "displayName": "Gets/List fleet clusterresourcesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet update strategy", - "displayName": "Create or Update a fleet update strategy", - "name": "Microsoft.ContainerService/fleets/updateStrategies/write", + "description": "Write fleet clusterresourcesnapshot resource", + "displayName": "Create/Update fleet clusterresourcesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet update strategy", - "displayName": "Delete a fleet update strategy", - "name": "Microsoft.ContainerService/fleets/updateStrategies/delete", + "description": "Delete fleet clusterresourcesnapshot resource", + "displayName": "Delete fleet clusterresourcesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet auto upgrade profile", - "displayName": "Get a fleet auto upgrade profile", - "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/read", + "description": "Read fleet clusterschedulingpolicysnapshot resource", + "displayName": "Gets/List fleet clusterschedulingpolicysnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet auto upgrade profile", - "displayName": "Create or Update a fleet auto upgrade profile", - "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/write", + "description": "Write fleet clusterschedulingpolicysnapshot resource", + "displayName": "Create/Update fleet clusterschedulingpolicysnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet auto upgrade profile", - "displayName": "Delete a fleet auto upgrade profile", - "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/delete", + "description": "Delete fleet clusterschedulingpolicysnapshot resource", + "displayName": "Delete fleet clusterschedulingpolicysnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Read fleet clusterresourceoverride resource", + "displayName": "Gets/List fleet clusterresourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Write fleet clusterresourceoverride resource", + "displayName": "Create/Update fleet clusterresourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Delete fleet clusterresourceoverride resource", + "displayName": "Delete fleet clusterresourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Read fleet clusterresourceoverridesnapshot resource", + "displayName": "Gets/List fleet clusterresourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Write fleet clusterresourceoverridesnapshot resource", + "displayName": "Create/Update fleet clusterresourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Delete fleet clusterresourceoverridesnapshot resource", + "displayName": "Delete fleet clusterresourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Read fleet resourceoverride resource", + "displayName": "Gets/List fleet resourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Write fleet resourceoverride resource", + "displayName": "Create/Update fleet resourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Delete fleet resourceoverride resource", + "displayName": "Delete fleet resourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Read fleet resourceoverridesnapshot resource", + "displayName": "Gets/List fleet resourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Write fleet resourceoverridesnapshot resource", + "displayName": "Create/Update fleet resourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Delete fleet resourceoverridesnapshot resource", + "displayName": "Delete fleet resourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Read fleet work resource", + "displayName": "Gets/List fleet work resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Write fleet work resource", + "displayName": "Create/Update fleet work resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Delete fleet work resource", + "displayName": "Delete fleet work resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" } ], - "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.ContainerService/fleets/*", - "Microsoft.Resources/deployments/*" + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.ContainerService/fleets/*" + ], "notActions": [], "notDataActions": [] } @@ -978011,10 +978724,10 @@ ] }, { - "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", + "description": "Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", + "name": "Azure Kubernetes Fleet Manager RBAC Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -978243,170 +978956,51 @@ ], "permittedDataActions": [ { - "description": "Reads initializerconfigurations", - "displayName": "Gets/List initializerconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/read", + "description": "Reads controllerrevisions", + "displayName": "Gets/List controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes initializerconfigurations", - "displayName": "Creates/Updates initializerconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/write", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes/DeletesCollection initializerconfigurations resource", - "displayName": "Initializerconfigurations", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/delete", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads mutatingwebhookconfigurations", - "displayName": "Gets/List mutatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes mutatingwebhookconfigurations", - "displayName": "Creates/Updates mutatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/write", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes mutatingwebhookconfigurations", - "displayName": "Deletes/DeletesCollection mutatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/delete", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads validatingwebhookconfigurations", - "displayName": "Gets/List validatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes validatingwebhookconfigurations", - "displayName": "Creates/Updates validatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes validatingwebhookconfigurations", - "displayName": "Deletes/DeletesCollection validatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads customresourcedefinitions", - "displayName": "Gets/List customresourcedefinitions resource", - "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes customresourcedefinitions", - "displayName": "Creates/Updates customresourcedefinitions resource", - "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes customresourcedefinitions", - "displayName": "Deletes/DeletesCollection customresourcedefinitions resource", - "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads apiservices", - "displayName": "Gets/List apiservices resource", - "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes apiservices", - "displayName": "Creates/Updates apiservices resource", - "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes apiservices", - "displayName": "Deletes/DeletesCollection apiservices resource", - "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads controllerrevisions", - "displayName": "Gets/List controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes controllerrevisions", - "displayName": "Creates/Updates controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes controllerrevisions", - "displayName": "Deletes/DeletesCollection controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -978431,13 +979025,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes tokenreviews", - "displayName": "Creates/Updates tokenreviews resource", - "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/tokenreviews/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Writes localsubjectaccessreviews", "displayName": "Creates/Updates localsubjectaccessreviews resource", @@ -978445,27 +979032,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes selfsubjectaccessreviews", - "displayName": "Creates/Updates selfsubjectaccessreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectaccessreviews/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes selfsubjectrulesreviews", - "displayName": "Creates/Updates selfsubjectrulesreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectrulesreviews/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes subjectaccessreviews", - "displayName": "Creates/Updates subjectaccessreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/subjectaccessreviews/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads horizontalpodautoscalers", "displayName": "Gets/List horizontalpodautoscalers resource", @@ -978529,76 +979095,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Reads certificatesigningrequests", - "displayName": "Gets/List certificatesigningrequests resource", - "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes certificatesigningrequests", - "displayName": "Creates/Updates certificatesigningrequests resource", - "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes certificatesigningrequests", - "displayName": "Deletes/DeletesCollection certificatesigningrequests resource", - "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads leases", - "displayName": "Gets/List leases resource", - "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes leases", - "displayName": "Creates/Updates leases resource", - "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes leases", - "displayName": "Deletes/DeletesCollection leases resource", - "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes bindings", - "displayName": "Creates/Updates bindings resource", - "name": "Microsoft.ContainerService/fleets/bindings/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads componentstatuses", - "displayName": "Gets/List componentstatuses resource", - "name": "Microsoft.ContainerService/fleets/componentstatuses/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes componentstatuses", - "displayName": "Creates/Updates componentstatuses resource", - "name": "Microsoft.ContainerService/fleets/componentstatuses/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes componentstatuses", - "displayName": "Deletes/DeletesCollection componentstatuses resource", - "name": "Microsoft.ContainerService/fleets/componentstatuses/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads configmaps", "displayName": "Gets/List configmaps resource", @@ -978644,280 +979140,14 @@ { "description": "Reads events", "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes events", - "displayName": "Creates/Updates events resource", - "name": "Microsoft.ContainerService/fleets/events/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes events", - "displayName": "Deletes/DeletesCollection events resource", - "name": "Microsoft.ContainerService/fleets/events/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads limitranges", - "displayName": "Gets/List limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes limitranges", - "displayName": "Creates/Updates limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes limitranges", - "displayName": "Deletes/DeletesCollection limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads namespaces", - "displayName": "Gets/List namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes namespaces", - "displayName": "Creates/Updates namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes namespaces", - "displayName": "Deletes/DeletesCollection namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads nodes", - "displayName": "Gets/List nodes resource", - "name": "Microsoft.ContainerService/fleets/nodes/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes nodes", - "displayName": "Creates/Updates nodes resource", - "name": "Microsoft.ContainerService/fleets/nodes/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes nodes", - "displayName": "Deletes/DeletesCollection nodes resource", - "name": "Microsoft.ContainerService/fleets/nodes/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads persistentvolumeclaims", - "displayName": "Gets/List persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes persistentvolumeclaims", - "displayName": "Creates/Updates persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes persistentvolumeclaims", - "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads persistentvolumes", - "displayName": "Gets/List persistentvolumes resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumes/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes persistentvolumes", - "displayName": "Creates/Updates persistentvolumes resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumes/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes persistentvolumes", - "displayName": "Deletes/DeletesCollection persistentvolumes resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumes/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads podtemplates", - "displayName": "Gets/List podtemplates resource", - "name": "Microsoft.ContainerService/fleets/podtemplates/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes podtemplates", - "displayName": "Creates/Updates podtemplates resource", - "name": "Microsoft.ContainerService/fleets/podtemplates/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes podtemplates", - "displayName": "Deletes/DeletesCollection podtemplates resource", - "name": "Microsoft.ContainerService/fleets/podtemplates/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads resourcequotas", - "displayName": "Gets/List resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes resourcequotas", - "displayName": "Creates/Updates resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes resourcequotas", - "displayName": "Deletes/DeletesCollection resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads secrets", - "displayName": "Gets/List secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes secrets", - "displayName": "Creates/Updates secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes secrets", - "displayName": "Deletes/DeletesCollection secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads serviceaccounts", - "displayName": "Gets/List serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes serviceaccounts", - "displayName": "Creates/Updates serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes serviceaccounts", - "displayName": "Deletes/DeletesCollection serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate serviceaccounts", - "displayName": "Impersonate serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads services", - "displayName": "Gets/List services resource", - "name": "Microsoft.ContainerService/fleets/services/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes services", - "displayName": "Creates/Updates services resource", - "name": "Microsoft.ContainerService/fleets/services/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes services", - "displayName": "Deletes/DeletesCollection services resource", - "name": "Microsoft.ContainerService/fleets/services/delete", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { "description": "Reads events", "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes events", - "displayName": "Creates/Updates events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes events", - "displayName": "Deletes/DeletesCollection events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/delete", + "name": "Microsoft.ContainerService/fleets/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -979006,58 +979236,16 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads podsecuritypolicies", - "displayName": "Gets/List podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes podsecuritypolicies", - "displayName": "Creates/Updates podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes podsecuritypolicies", - "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads pods", - "displayName": "Gets/List pods resource", - "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/pods/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads nodes", - "displayName": "Gets/List nodes resource", - "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/nodes/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", + "description": "Reads limitranges", + "displayName": "Gets/List limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", + "description": "Reads namespaces", + "displayName": "Gets/List namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -979083,877 +979271,872 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads runtimeclasses", - "displayName": "Gets/List runtimeclasses resource", - "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes runtimeclasses", - "displayName": "Creates/Updates runtimeclasses resource", - "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes runtimeclasses", - "displayName": "Deletes/DeletesCollection runtimeclasses resource", - "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads api", - "displayName": "Gets/List api resource", - "name": "Microsoft.ContainerService/fleets/api/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads api/v1", - "displayName": "Gets/List api/v1 resource", - "name": "Microsoft.ContainerService/fleets/api/v1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads apis", - "displayName": "Gets/List apis resource", - "name": "Microsoft.ContainerService/fleets/apis/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads admissionregistration.k8s.io", - "displayName": "Gets/List admissionregistration.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads admissionregistration.k8s.io/v1", - "displayName": "Gets/List admissionregistration.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads admissionregistration.k8s.io/v1beta1", - "displayName": "Gets/List admissionregistration.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1beta1/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiextensions.k8s.io", - "displayName": "Gets/List apiextensions.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiextensions.k8s.io/v1", - "displayName": "Gets/List apiextensions.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiextensions.k8s.io/v1beta1", - "displayName": "Gets/List apiextensions.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1beta1/read", + "description": "Reads persistentvolumeclaims", + "displayName": "Gets/List persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiregistration.k8s.io", - "displayName": "Gets/List apiregistration.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/read", + "description": "Writes persistentvolumeclaims", + "displayName": "Creates/Updates persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiregistration.k8s.io/v1", - "displayName": "Gets/List apiregistration.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1/read", + "description": "Deletes persistentvolumeclaims", + "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiregistration.k8s.io/v1beta1", - "displayName": "Gets/List apiregistration.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1beta1/read", + "description": "Reads poddisruptionbudgets", + "displayName": "Gets/List poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps", - "displayName": "Gets/List apps resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/read", + "description": "Writes poddisruptionbudgets", + "displayName": "Creates/Updates poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps/v1", - "displayName": "Gets/List apps/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/v1/read", + "description": "Deletes poddisruptionbudgets", + "displayName": "Deletes/DeletesCollection poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps/v1beta1", - "displayName": "Gets/List apps/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta1/read", + "description": "Reads rolebindings", + "displayName": "Gets/List rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps/v1beta2", - "displayName": "Gets/List apps/v1beta2 resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta2/read", + "description": "Writes rolebindings", + "displayName": "Creates/Updates rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authentication.k8s.io", - "displayName": "Gets/List authentication.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/read", + "description": "Deletes rolebindings", + "displayName": "Deletes/DeletesCollection rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authentication.k8s.io/v1", - "displayName": "Gets/List authentication.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1/read", + "description": "Reads roles", + "displayName": "Gets/List roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authentication.k8s.io/v1beta1", - "displayName": "Gets/List authentication.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1beta1/read", + "description": "Writes roles", + "displayName": "Creates/Updates roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authorization.k8s.io", - "displayName": "Gets/List authorization.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/read", + "description": "Deletes roles", + "displayName": "Deletes/DeletesCollection roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authorization.k8s.io/v1", - "displayName": "Gets/List authorization.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1/read", + "description": "Binds roles", + "displayName": "Bind roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/bind/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authorization.k8s.io/v1beta1", - "displayName": "Gets/List authorization.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1beta1/read", + "description": "Escalates roles", + "displayName": "Escalate roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/escalate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling", - "displayName": "Gets/List autoscaling resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling/v1", - "displayName": "Gets/List autoscaling/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v1/read", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling/v2beta1", - "displayName": "Gets/List autoscaling/v2beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta1/read", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling/v2beta2", - "displayName": "Gets/List autoscaling/v2beta2 resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta2/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads batch", - "displayName": "Gets/List batch resource", - "name": "Microsoft.ContainerService/fleets/apis/batch/read", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads batch/v1", - "displayName": "Gets/List batch/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/batch/v1/read", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads batch/v1beta1", - "displayName": "Gets/List batch/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/batch/v1beta1/read", + "description": "Reads resourcequotas", + "displayName": "Gets/List resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads certificates.k8s.io", - "displayName": "Gets/List certificates.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/read", + "description": "Reads secrets", + "displayName": "Gets/List secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads certificates.k8s.io/v1beta1", - "displayName": "Gets/List certificates.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/v1beta1/read", + "description": "Writes secrets", + "displayName": "Creates/Updates secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads coordination.k8s.io", - "displayName": "Gets/List coordination.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/read", + "description": "Deletes secrets", + "displayName": "Deletes/DeletesCollection secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads coordination/v1", - "displayName": "Gets/List coordination/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1/read", + "description": "Reads serviceaccounts", + "displayName": "Gets/List serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads coordination.k8s.io/v1beta1", - "displayName": "Gets/List coordination.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1beta1/read", + "description": "Writes serviceaccounts", + "displayName": "Creates/Updates serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events.k8s.io", - "displayName": "Gets/List events.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/read", + "description": "Deletes serviceaccounts", + "displayName": "Deletes/DeletesCollection serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events.k8s.io/v1beta1", - "displayName": "Gets/List events.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/v1beta1/read", + "description": "Impersonate serviceaccounts", + "displayName": "Impersonate serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads extensions", - "displayName": "Gets/List extensions resource", - "name": "Microsoft.ContainerService/fleets/apis/extensions/read", + "description": "Reads services", + "displayName": "Gets/List services resource", + "name": "Microsoft.ContainerService/fleets/services/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads extensions/v1beta1", - "displayName": "Gets/List extensions/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/extensions/v1beta1/read", + "description": "Writes services", + "displayName": "Creates/Updates services resource", + "name": "Microsoft.ContainerService/fleets/services/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads metrics.k8s.io", - "displayName": "Gets/List metrics.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/read", + "description": "Deletes services", + "displayName": "Deletes/DeletesCollection services resource", + "name": "Microsoft.ContainerService/fleets/services/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, + } + ], + "rawPermissions": [ { - "description": "Reads metrics.k8s.io/v1beta1", - "displayName": "Gets/List metrics.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "Microsoft.ContainerService/fleets/apps/daemonsets/*", + "Microsoft.ContainerService/fleets/apps/deployments/*", + "Microsoft.ContainerService/fleets/apps/statefulsets/*", + "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", + "Microsoft.ContainerService/fleets/batch/cronjobs/*", + "Microsoft.ContainerService/fleets/batch/jobs/*", + "Microsoft.ContainerService/fleets/configmaps/*", + "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "Microsoft.ContainerService/fleets/events/read", + "Microsoft.ContainerService/fleets/extensions/daemonsets/*", + "Microsoft.ContainerService/fleets/extensions/deployments/*", + "Microsoft.ContainerService/fleets/extensions/ingresses/*", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/limitranges/read", + "Microsoft.ContainerService/fleets/namespaces/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", + "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*", + "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/resourcequotas/read", + "Microsoft.ContainerService/fleets/secrets/*", + "Microsoft.ContainerService/fleets/serviceaccounts/*", + "Microsoft.ContainerService/fleets/services/*" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.\u00a0 Applying this role at cluster scope will give access across all namespaces.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Fleet Manager RBAC Writer", + "permittedActions": [ { - "description": "Reads networking.k8s.io", - "displayName": "Gets/List networking.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads networking/v1", - "displayName": "Gets/List networking/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads networking.k8s.io/v1beta1", - "displayName": "Gets/List networking.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads node.k8s.io", - "displayName": "Gets/List node.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads node.k8s.io/v1beta1", - "displayName": "Gets/List node.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads policy", - "displayName": "Gets/List policy resource", - "name": "Microsoft.ContainerService/fleets/apis/policy/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads policy/v1beta1", - "displayName": "Gets/List policy/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/policy/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads rbac.authorization.k8s.io", - "displayName": "Gets/List rbac.authorization.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads rbac.authorization/v1", - "displayName": "Gets/List rbac.authorization/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads rbac.authorization.k8s.io/v1beta1", - "displayName": "Gets/List rbac.authorization.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads scheduling.k8s.io", - "displayName": "Gets/List scheduling.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads scheduling/v1", - "displayName": "Gets/List scheduling/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads scheduling.k8s.io/v1beta1", - "displayName": "Gets/List scheduling.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads storage.k8s.io", - "displayName": "Gets/List storage.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads storage/v1", - "displayName": "Gets/List storage/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads storage.k8s.io/v1beta1", - "displayName": "Gets/List storage.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1beta1/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads healthz", - "displayName": "Gets/List healthz resource", - "name": "Microsoft.ContainerService/fleets/healthz/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads autoregister-completion", - "displayName": "Gets/List autoregister-completion resource", - "name": "Microsoft.ContainerService/fleets/healthz/autoregister-completion/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads etcd", - "displayName": "Gets/List etcd resource", - "name": "Microsoft.ContainerService/fleets/healthz/etcd/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads log", - "displayName": "Gets/List log resource", - "name": "Microsoft.ContainerService/fleets/healthz/log/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads ping", - "displayName": "Gets/List ping resource", - "name": "Microsoft.ContainerService/fleets/healthz/ping/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads apiservice-openapi-controller", - "displayName": "Gets/List apiservice-openapi-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-openapi-controller/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads apiservice-registration-controller", - "displayName": "Gets/List apiservice-registration-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-registration-controller/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads apiservice-status-available-controller", - "displayName": "Gets/List apiservice-status-available-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-status-available-controller/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads bootstrap-controller", - "displayName": "Gets/List bootstrap-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/bootstrap-controller/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads ca-registration", - "displayName": "Gets/List ca-registration resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/ca-registration/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads crd-informer-synced", - "displayName": "Gets/List crd-informer-synced resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/crd-informer-synced/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads generic-apiserver-start-informers", - "displayName": "Gets/List generic-apiserver-start-informers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/generic-apiserver-start-informers/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Reads kube-apiserver-autoregistration", - "displayName": "Gets/List kube-apiserver-autoregistration resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/kube-apiserver-autoregistration/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Reads bootstrap-roles", - "displayName": "Gets/List bootstrap-roles resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/rbac/bootstrap-roles/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Reads bootstrap-system-priority-classes", - "displayName": "Gets/List bootstrap-system-priority-classes resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "description": "Get fleet", + "displayName": "Get fleet", + "name": "Microsoft.ContainerService/fleets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-controllers", - "displayName": "Gets/List start-apiextensions-controllers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-controllers/read", + "description": "List fleet credentials", + "displayName": "List fleet credentials", + "name": "Microsoft.ContainerService/fleets/listCredentials/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, + } + ], + "permittedDataActions": [ { - "description": "Reads start-apiextensions-informers", - "displayName": "Gets/List start-apiextensions-informers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-informers/read", + "description": "Reads controllerrevisions", + "displayName": "Gets/List controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-aggregator-informers", - "displayName": "Gets/List start-kube-aggregator-informers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-aggregator-informers/read", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-apiserver-admission-initializer", - "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-apiserver-admission-initializer/read", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads livez", - "displayName": "Gets/List livez resource", - "name": "Microsoft.ContainerService/fleets/livez/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoregister-completion", - "displayName": "Gets/List autoregister-completion resource", - "name": "Microsoft.ContainerService/fleets/livez/autoregister-completion/read", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads etcd", - "displayName": "Gets/List etcd resource", - "name": "Microsoft.ContainerService/fleets/livez/etcd/read", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads log", - "displayName": "Gets/List log resource", - "name": "Microsoft.ContainerService/fleets/livez/log/read", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ping", - "displayName": "Gets/List ping resource", - "name": "Microsoft.ContainerService/fleets/livez/ping/read", + "description": "Reads statefulsets", + "displayName": "Gets/List statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-openapi-controller", - "displayName": "Gets/List apiservice-openapi-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-openapi-controller/read", + "description": "Writes statefulsets", + "displayName": "Creates/Updates statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-registration-controller", - "displayName": "Gets/List apiservice-registration-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-registration-controller/read", + "description": "Deletes statefulsets", + "displayName": "Deletes/DeletesCollection statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-status-available-controller", - "displayName": "Gets/List apiservice-status-available-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-status-available-controller/read", + "description": "Reads horizontalpodautoscalers", + "displayName": "Gets/List horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-controller", - "displayName": "Gets/List bootstrap-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/bootstrap-controller/read", + "description": "Writes horizontalpodautoscalers", + "displayName": "Creates/Updates horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ca-registration", - "displayName": "Gets/List ca-registration resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/ca-registration/read", + "description": "Deletes horizontalpodautoscalers", + "displayName": "Deletes/DeletesCollection horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads crd-informer-synced", - "displayName": "Gets/List crd-informer-synced resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/crd-informer-synced/read", + "description": "Reads cronjobs", + "displayName": "Gets/List cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads generic-apiserver-start-informers", - "displayName": "Gets/List generic-apiserver-start-informers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/generic-apiserver-start-informers/read", + "description": "Writes cronjobs", + "displayName": "Creates/Updates cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads kube-apiserver-autoregistration", - "displayName": "Gets/List kube-apiserver-autoregistration resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/kube-apiserver-autoregistration/read", + "description": "Deletes cronjobs", + "displayName": "Deletes/DeletesCollection cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-roles", - "displayName": "Gets/List bootstrap-roles resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/rbac/bootstrap-roles/read", + "description": "Reads jobs", + "displayName": "Gets/List jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-system-priority-classes", - "displayName": "Gets/List bootstrap-system-priority-classes resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "description": "Writes jobs", + "displayName": "Creates/Updates jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-controllers", - "displayName": "Gets/List start-apiextensions-controllers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-controllers/read", + "description": "Deletes jobs", + "displayName": "Deletes/DeletesCollection jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-informers", - "displayName": "Gets/List start-apiextensions-informers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-informers/read", + "description": "Reads configmaps", + "displayName": "Gets/List configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-aggregator-informers", - "displayName": "Gets/List start-kube-aggregator-informers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-aggregator-informers/read", + "description": "Writes configmaps", + "displayName": "Creates/Updates configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-apiserver-admission-initializer", - "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-apiserver-admission-initializer/read", + "description": "Deletes configmaps", + "displayName": "Deletes/DeletesCollection configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads logs", - "displayName": "Gets/List logs resource", - "name": "Microsoft.ContainerService/fleets/logs/read", + "description": "Reads endpoints", + "displayName": "Gets/List endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads metrics", - "displayName": "Gets/List metrics resource", - "name": "Microsoft.ContainerService/fleets/metrics/read", + "description": "Writes endpoints", + "displayName": "Creates/Updates endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads v2", - "displayName": "Gets/List v2 resource", - "name": "Microsoft.ContainerService/fleets/openapi/v2/read", + "description": "Deletes endpoints", + "displayName": "Deletes/DeletesCollection endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads readyz", - "displayName": "Gets/List readyz resource", - "name": "Microsoft.ContainerService/fleets/readyz/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoregister-completion", - "displayName": "Gets/List autoregister-completion resource", - "name": "Microsoft.ContainerService/fleets/readyz/autoregister-completion/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads etcd", - "displayName": "Gets/List etcd resource", - "name": "Microsoft.ContainerService/fleets/readyz/etcd/read", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads log", - "displayName": "Gets/List log resource", - "name": "Microsoft.ContainerService/fleets/readyz/log/read", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ping", - "displayName": "Gets/List ping resource", - "name": "Microsoft.ContainerService/fleets/readyz/ping/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-openapi-controller", - "displayName": "Gets/List apiservice-openapi-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-openapi-controller/read", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-registration-controller", - "displayName": "Gets/List apiservice-registration-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-registration-controller/read", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-status-available-controller", - "displayName": "Gets/List apiservice-status-available-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-status-available-controller/read", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-controller", - "displayName": "Gets/List bootstrap-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/bootstrap-controller/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ca-registration", - "displayName": "Gets/List ca-registration resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/ca-registration/read", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads crd-informer-synced", - "displayName": "Gets/List crd-informer-synced resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/crd-informer-synced/read", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads generic-apiserver-start-informers", - "displayName": "Gets/List generic-apiserver-start-informers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/generic-apiserver-start-informers/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads kube-apiserver-autoregistration", - "displayName": "Gets/List kube-apiserver-autoregistration resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/kube-apiserver-autoregistration/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-roles", - "displayName": "Gets/List bootstrap-roles resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/rbac/bootstrap-roles/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-system-priority-classes", - "displayName": "Gets/List bootstrap-system-priority-classes resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "description": "Reads limitranges", + "displayName": "Gets/List limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-controllers", - "displayName": "Gets/List start-apiextensions-controllers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-controllers/read", + "description": "Reads namespaces", + "displayName": "Gets/List namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-informers", - "displayName": "Gets/List start-apiextensions-informers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-informers/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-aggregator-informers", - "displayName": "Gets/List start-kube-aggregator-informers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-aggregator-informers/read", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-apiserver-admission-initializer", - "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-apiserver-admission-initializer/read", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads shutdown", - "displayName": "Gets/List shutdown resource", - "name": "Microsoft.ContainerService/fleets/readyz/shutdown/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resetMetrics", - "displayName": "Gets/List resetMetrics resource", - "name": "Microsoft.ContainerService/fleets/resetMetrics/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads swagger-ui", - "displayName": "Gets/List swagger-ui resource", - "name": "Microsoft.ContainerService/fleets/swagger-ui/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads swagger-api", - "displayName": "Gets/List swagger-api resource", - "name": "Microsoft.ContainerService/fleets/swagger-api/read", + "description": "Reads persistentvolumeclaims", + "displayName": "Gets/List persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ui", - "displayName": "Gets/List ui resource", - "name": "Microsoft.ContainerService/fleets/ui/read", + "description": "Writes persistentvolumeclaims", + "displayName": "Creates/Updates persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads version", - "displayName": "Gets/List version resource", - "name": "Microsoft.ContainerService/fleets/version/read", + "description": "Deletes persistentvolumeclaims", + "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -979979,518 +980162,377 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads podsecuritypolicies", - "displayName": "Gets/List podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes podsecuritypolicies", - "displayName": "Creates/Updates podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes podsecuritypolicies", - "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Use action on podsecuritypolicies", - "displayName": "Use podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/use/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads clusterrolebindings", - "displayName": "Gets/List clusterrolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes clusterrolebindings", - "displayName": "Creates/Updates clusterrolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes clusterrolebindings", - "displayName": "Deletes/DeletesCollection clusterrolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads clusterroles", - "displayName": "Gets/List clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes clusterroles", - "displayName": "Creates/Updates clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes clusterroles", - "displayName": "Deletes/DeletesCollection clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Binds clusterroles", - "displayName": "Bind clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/bind/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Escalates", - "displayName": "Escalate clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/escalate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads rolebindings", - "displayName": "Gets/List rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes rolebindings", - "displayName": "Creates/Updates rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes rolebindings", - "displayName": "Deletes/DeletesCollection rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads roles", - "displayName": "Gets/List roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes roles", - "displayName": "Creates/Updates roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes roles", - "displayName": "Deletes/DeletesCollection roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Binds roles", - "displayName": "Bind roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/bind/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Escalates roles", - "displayName": "Escalate roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/escalate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads priorityclasses", - "displayName": "Gets/List priorityclasses resource", - "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes priorityclasses", - "displayName": "Creates/Updates priorityclasses resource", - "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes priorityclasses", - "displayName": "Deletes/DeletesCollection priorityclasses resource", - "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate users", - "displayName": "Impersonate users resource", - "name": "Microsoft.ContainerService/fleets/users/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate groups", - "displayName": "Impersonate groups resource", - "name": "Microsoft.ContainerService/fleets/groups/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate userextras", - "displayName": "Impersonate userextras resource", - "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/userextras/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads storageclasses", - "displayName": "Gets/List storageclasses resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes storageclasses", - "displayName": "Creates/Updates storageclasses resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/write", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes storageclasses", - "displayName": "Deletes/DeletesCollection storageclasses resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/delete", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads volumeattachments", - "displayName": "Gets/List volumeattachments resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes volumeattachments", - "displayName": "Creates/Updates volumeattachments resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/write", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes volumeattachments", - "displayName": "Deletes/DeletesCollection volumeattachments resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/delete", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads csidrivers", - "displayName": "Gets/List csidrivers resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/read", + "description": "Reads resourcequotas", + "displayName": "Gets/List resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes csidrivers", - "displayName": "Creates/Updates csidrivers resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/write", + "description": "Reads secrets", + "displayName": "Gets/List secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes csidrivers", - "displayName": "Deletes/DeletesCollection csidrivers resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/delete", + "description": "Writes secrets", + "displayName": "Creates/Updates secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads csinodes", - "displayName": "Gets/List csinodes resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/read", + "description": "Deletes secrets", + "displayName": "Deletes/DeletesCollection secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes csinodes", - "displayName": "Creates/Updates csinodes resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/write", + "description": "Reads serviceaccounts", + "displayName": "Gets/List serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes csinodes", - "displayName": "Deletes/DeletesCollection csinodes resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/delete", + "description": "Writes serviceaccounts", + "displayName": "Creates/Updates serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet membercluster resource", - "displayName": "Get/List fleet membercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read", + "description": "Deletes serviceaccounts", + "displayName": "Deletes/DeletesCollection serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet membercluster resource", - "displayName": "Create/Update fleet membercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write", + "description": "Impersonate serviceaccounts", + "displayName": "Impersonate serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet membercluster resource", - "displayName": "Delete fleet membercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/delete", + "description": "Reads services", + "displayName": "Gets/List services resource", + "name": "Microsoft.ContainerService/fleets/services/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet internalmembercluster resource", - "displayName": "Get/List fleet internalmembercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read", + "description": "Writes services", + "displayName": "Creates/Updates services resource", + "name": "Microsoft.ContainerService/fleets/services/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet internalmembercluster resource", - "displayName": "Create/Update fleet internalmembercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/write", + "description": "Deletes services", + "displayName": "Deletes/DeletesCollection services resource", + "name": "Microsoft.ContainerService/fleets/services/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, + } + ], + "rawPermissions": [ { - "description": "Delete fleet internalmembercluster resource", - "displayName": "Delete fleet internalmembercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "Microsoft.ContainerService/fleets/apps/daemonsets/*", + "Microsoft.ContainerService/fleets/apps/deployments/*", + "Microsoft.ContainerService/fleets/apps/statefulsets/*", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", + "Microsoft.ContainerService/fleets/batch/cronjobs/*", + "Microsoft.ContainerService/fleets/batch/jobs/*", + "Microsoft.ContainerService/fleets/configmaps/*", + "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "Microsoft.ContainerService/fleets/events/read", + "Microsoft.ContainerService/fleets/extensions/daemonsets/*", + "Microsoft.ContainerService/fleets/extensions/deployments/*", + "Microsoft.ContainerService/fleets/extensions/ingresses/*", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/limitranges/read", + "Microsoft.ContainerService/fleets/namespaces/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/resourcequotas/read", + "Microsoft.ContainerService/fleets/secrets/*", + "Microsoft.ContainerService/fleets/serviceaccounts/*", + "Microsoft.ContainerService/fleets/services/*" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Fleet Manager Contributor Role", + "permittedActions": [ { - "description": "Read fleet clusterresourceplacement resource", - "displayName": "Gets/List fleet clusterresourceplacement resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read", + "description": "Get fleet", + "displayName": "Get fleet", + "name": "Microsoft.ContainerService/fleets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourceplacement resource", - "displayName": "Create/Update fleet clusterresourceplacement resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write", + "description": "Create or Update a fleet", + "displayName": "Create or Update a fleet", + "name": "Microsoft.ContainerService/fleets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourceplacement resource", - "displayName": "Delete fleet clusterresourceplacement resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/delete", + "description": "Delete a fleet", + "displayName": "Delete a fleet", + "name": "Microsoft.ContainerService/fleets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourcebinding resource", - "displayName": "Gets/List fleet clusterresourcebinding resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read", + "description": "List fleet credentials", + "displayName": "List fleet credentials", + "name": "Microsoft.ContainerService/fleets/listCredentials/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create/Update fleet clusterresourcebinding resource", - "displayName": "Create/Update fleet clusterresourcebinding resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/write", + "description": "Get a fleet member", + "displayName": "Get a fleet member", + "name": "Microsoft.ContainerService/fleets/members/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourcebinding resource", - "displayName": "Delete fleet clusterresourcebinding resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/delete", + "description": "Create or Update a fleet member", + "displayName": "Create or Update a fleet member", + "name": "Microsoft.ContainerService/fleets/members/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourcesnapshot resource", - "displayName": "Gets/List fleet clusterresourcesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read", + "description": "Delete a fleet member", + "displayName": "Delete a fleet member", + "name": "Microsoft.ContainerService/fleets/members/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourcesnapshot resource", - "displayName": "Create/Update fleet clusterresourcesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/write", + "description": "Get a fleet update run", + "displayName": "Get a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourcesnapshot resource", - "displayName": "Delete fleet clusterresourcesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/delete", + "description": "Create or Update a fleet update run", + "displayName": "Create or Update a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterschedulingpolicysnapshot resource", - "displayName": "Gets/List fleet clusterschedulingpolicysnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read", + "description": "Delete a fleet update run", + "displayName": "Delete a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterschedulingpolicysnapshot resource", - "displayName": "Create/Update fleet clusterschedulingpolicysnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/write", + "description": "Starts a fleet update run", + "displayName": "Starts a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/start/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterschedulingpolicysnapshot resource", - "displayName": "Delete fleet clusterschedulingpolicysnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/delete", + "description": "Stops a fleet update run", + "displayName": "Stops a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/stop/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourceoverride resource", - "displayName": "Gets/List fleet clusterresourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read", + "description": "Get a fleet update strategy", + "displayName": "Get a fleet update strategy", + "name": "Microsoft.ContainerService/fleets/updateStrategies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourceoverride resource", - "displayName": "Create/Update fleet clusterresourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write", + "description": "Create or Update a fleet update strategy", + "displayName": "Create or Update a fleet update strategy", + "name": "Microsoft.ContainerService/fleets/updateStrategies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourceoverride resource", - "displayName": "Delete fleet clusterresourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/delete", + "description": "Delete a fleet update strategy", + "displayName": "Delete a fleet update strategy", + "name": "Microsoft.ContainerService/fleets/updateStrategies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourceoverridesnapshot resource", - "displayName": "Gets/List fleet clusterresourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read", + "description": "Get a fleet auto upgrade profile", + "displayName": "Get a fleet auto upgrade profile", + "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourceoverridesnapshot resource", - "displayName": "Create/Update fleet clusterresourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/write", + "description": "Create or Update a fleet auto upgrade profile", + "displayName": "Create or Update a fleet auto upgrade profile", + "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourceoverridesnapshot resource", - "displayName": "Delete fleet clusterresourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/delete", + "description": "Delete a fleet auto upgrade profile", + "displayName": "Delete a fleet auto upgrade profile", + "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet resourceoverride resource", - "displayName": "Gets/List fleet resourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Write fleet resourceoverride resource", - "displayName": "Create/Update fleet resourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete fleet resourceoverride resource", - "displayName": "Delete fleet resourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Read fleet resourceoverridesnapshot resource", - "displayName": "Gets/List fleet resourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Write fleet resourceoverridesnapshot resource", - "displayName": "Create/Update fleet resourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete fleet resourceoverridesnapshot resource", - "displayName": "Delete fleet resourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Read fleet work resource", - "displayName": "Gets/List fleet work resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Write fleet work resource", - "displayName": "Create/Update fleet work resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete fleet work resource", - "displayName": "Delete fleet work resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], + "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" + "Microsoft.ContainerService/fleets/*", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/*" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } @@ -1031078,63 +1031120,6 @@ } ] }, - { - "description": "Can perform all actions on Machine Learning Services Registry assets\u00a0as well as get Registry resources.", - "hasExternal": false, - "hasUnknown": false, - "name": "AzureML Registry User", - "permittedActions": [ - { - "description": "Gets the Machine Learning Services registry(ies)", - "displayName": "Gets the Machine Learning Services registry(ies)", - "name": "Microsoft.MachineLearningServices/registries/read", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" - }, - { - "description": "Reads assets in Machine Learning Services registry(ies)", - "displayName": "Reads assets in Machine Learning Services registry(ies)", - "name": "Microsoft.MachineLearningServices/registries/assets/read", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" - }, - { - "description": "Creates or updates assets in Machine Learning Services registry(ies)", - "displayName": "Creates or updates assets in Machine Learning Services registry(ies)", - "name": "Microsoft.MachineLearningServices/registries/assets/write", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" - }, - { - "description": "Deletes assets in Machine Learning Services registry(ies)", - "displayName": "Deletes assets in Machine Learning Services registry(ies)", - "name": "Microsoft.MachineLearningServices/registries/assets/delete", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" - }, - { - "description": "Updates the stage on a Machine Learning Services registry asset", - "displayName": "Updates the stage on a Machine Learning Services registry asset", - "name": "Microsoft.MachineLearningServices/registries/assets/stage/write", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.MachineLearningServices/registries/read", - "Microsoft.MachineLearningServices/registries/assets/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Can access and perform CRUD operations on Machine Learning Services managed compute resources (including Notebook VMs).", "hasExternal": false, @@ -1031283,6 +1031268,63 @@ } ] }, + { + "description": "Can perform all actions on Machine Learning Services Registry assets\u00a0as well as get Registry resources.", + "hasExternal": false, + "hasUnknown": false, + "name": "AzureML Registry User", + "permittedActions": [ + { + "description": "Gets the Machine Learning Services registry(ies)", + "displayName": "Gets the Machine Learning Services registry(ies)", + "name": "Microsoft.MachineLearningServices/registries/read", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + }, + { + "description": "Reads assets in Machine Learning Services registry(ies)", + "displayName": "Reads assets in Machine Learning Services registry(ies)", + "name": "Microsoft.MachineLearningServices/registries/assets/read", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + }, + { + "description": "Creates or updates assets in Machine Learning Services registry(ies)", + "displayName": "Creates or updates assets in Machine Learning Services registry(ies)", + "name": "Microsoft.MachineLearningServices/registries/assets/write", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + }, + { + "description": "Deletes assets in Machine Learning Services registry(ies)", + "displayName": "Deletes assets in Machine Learning Services registry(ies)", + "name": "Microsoft.MachineLearningServices/registries/assets/delete", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + }, + { + "description": "Updates the stage on a Machine Learning Services registry asset", + "displayName": "Updates the stage on a Machine Learning Services registry asset", + "name": "Microsoft.MachineLearningServices/registries/assets/stage/write", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.MachineLearningServices/registries/read", + "Microsoft.MachineLearningServices/registries/assets/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.", "hasExternal": false, @@ -1037463,36 +1037505,36 @@ ] }, { - "description": "For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.", + "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Domain Contributor", + "name": "Azure Front Door Secret Contributor", "permittedActions": [ { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "name": "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/profiles/customdomains/read", + "name": "Microsoft.Cdn/profiles/secrets/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "write", - "name": "Microsoft.Cdn/profiles/customdomains/write", + "name": "Microsoft.Cdn/profiles/secrets/write", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "delete", - "name": "Microsoft.Cdn/profiles/customdomains/delete", + "name": "Microsoft.Cdn/profiles/secrets/delete", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, @@ -1037508,10 +1037550,10 @@ "rawPermissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", - "Microsoft.Cdn/profiles/customdomains/read", - "Microsoft.Cdn/profiles/customdomains/write", - "Microsoft.Cdn/profiles/customdomains/delete", + "Microsoft.Cdn/operationresults/profileresults/secretresults/read", + "Microsoft.Cdn/profiles/secrets/read", + "Microsoft.Cdn/profiles/secrets/write", + "Microsoft.Cdn/profiles/secrets/delete", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1037523,22 +1037565,36 @@ ] }, { - "description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.", + "description": "For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Secret Reader", + "name": "Azure Front Door Domain Contributor", "permittedActions": [ { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/operationresults/profileresults/secretresults/read", + "name": "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/profiles/secrets/read", + "name": "Microsoft.Cdn/profiles/customdomains/read", + "providerDisplayName": "Microsoft.Cdn", + "providerName": "Microsoft.Cdn" + }, + { + "description": null, + "displayName": "write", + "name": "Microsoft.Cdn/profiles/customdomains/write", + "providerDisplayName": "Microsoft.Cdn", + "providerName": "Microsoft.Cdn" + }, + { + "description": null, + "displayName": "delete", + "name": "Microsoft.Cdn/profiles/customdomains/delete", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, @@ -1037554,8 +1037610,10 @@ "rawPermissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/secretresults/read", - "Microsoft.Cdn/profiles/secrets/read", + "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.Cdn/profiles/customdomains/write", + "Microsoft.Cdn/profiles/customdomains/delete", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1037567,36 +1037625,22 @@ ] }, { - "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", + "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Secret Contributor", + "name": "Azure Front Door Domain Reader", "permittedActions": [ { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/operationresults/profileresults/secretresults/read", + "name": "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/profiles/secrets/read", - "providerDisplayName": "Microsoft.Cdn", - "providerName": "Microsoft.Cdn" - }, - { - "description": null, - "displayName": "write", - "name": "Microsoft.Cdn/profiles/secrets/write", - "providerDisplayName": "Microsoft.Cdn", - "providerName": "Microsoft.Cdn" - }, - { - "description": null, - "displayName": "delete", - "name": "Microsoft.Cdn/profiles/secrets/delete", + "name": "Microsoft.Cdn/profiles/customdomains/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, @@ -1037612,10 +1037656,8 @@ "rawPermissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/secretresults/read", - "Microsoft.Cdn/profiles/secrets/read", - "Microsoft.Cdn/profiles/secrets/write", - "Microsoft.Cdn/profiles/secrets/delete", + "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "Microsoft.Cdn/profiles/customdomains/read", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1037627,22 +1037669,22 @@ ] }, { - "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", + "description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Domain Reader", + "name": "Azure Front Door Secret Reader", "permittedActions": [ { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "name": "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/profiles/customdomains/read", + "name": "Microsoft.Cdn/profiles/secrets/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, @@ -1037658,8 +1037700,8 @@ "rawPermissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", - "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.Cdn/operationresults/profileresults/secretresults/read", + "Microsoft.Cdn/profiles/secrets/read", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1037671,291 +1037713,967 @@ ] }, { - "description": "Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader", - "hasExternal": false, + "description": "Allows users to create, modify, describe, or delete Rulestacks.", + "hasExternal": true, "hasUnknown": false, - "name": "Azure Stack HCI Administrator", + "name": "LocalRulestacksAdministrator role", "permittedActions": [ { - "description": "Registers the subscription for the Azure Stack HCI resource provider and enables the creation of Azure Stack HCI resources.", - "displayName": "Registers the Azure Stack HCI Resource Provider", - "name": "Microsoft.AzureStackHCI/Register/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Unregisters the subscription for the Azure Stack HCI resource provider.", - "displayName": "Unregisters the Azure Stack HCI Resource Provider", - "name": "Microsoft.AzureStackHCI/Unregister/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets clusters", - "displayName": "Gets/List cluster resources", - "name": "Microsoft.AzureStackHCI/Clusters/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates or updates a cluster", - "displayName": "Create/update cluster resources", - "name": "Microsoft.AzureStackHCI/Clusters/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes cluster resource", - "displayName": "Deletes cluster resource", - "name": "Microsoft.AzureStackHCI/Clusters/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Adds Arc Nodes to the cluster", - "displayName": "Adds Arc Nodes to the cluster", - "name": "Microsoft.AzureStackHCI/Clusters/AddNodes/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Create cluster identity", - "displayName": "Create cluster identity", - "name": "Microsoft.AzureStackHCI/Clusters/CreateClusterIdentity/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Upload cluster certificate", - "displayName": "Upload cluster certificate", - "name": "Microsoft.AzureStackHCI/Clusters/UploadCertificate/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets arc resource of HCI cluster", - "displayName": "Gets/List arc resources", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List LocalRulestackResource resources by subscription ID", + "displayName": "LocalRulestacks_ListBySubscription", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Create or updates arc resource of HCI cluster", - "displayName": "Create/Update arc resources", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Get a LocalRulestackResource", + "displayName": "LocalRulestacks_Get", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Delete arc resource of HCI cluster", - "displayName": "Delete arc resources", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Create a LocalRulestackResource", + "displayName": "LocalRulestacks_CreateOrUpdate", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/write", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Generate password for Arc settings identity", - "displayName": "Generate password for Arc settings identity", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/GeneratePassword/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Delete a LocalRulestackResource", + "displayName": "LocalRulestacks_Delete", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/delete", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Create Arc settings identity", - "displayName": "Create Arc settings identity", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/CreateArcIdentity/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Commit rulestack configuration", + "displayName": "LocalRulestacks_commit", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/commit/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Updates Consent Time and Installs default extensions", - "displayName": "Updates Consent Time and Installs default extensions", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/ConsentAndInstallDefaultExtensions/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Get changelog", + "displayName": "LocalRulestacks_getChangeLog", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/getChangeLog/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Initializes disable process for arc settings resource", - "displayName": "Initializes disable process for arc settings resource", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/InitializeDisableProcess/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Get the list of advanced security objects", + "displayName": "LocalRulestacks_listAdvancedSecurityObjects", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listAdvancedSecurityObjects/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Gets extension resource of HCI cluster", - "displayName": "Gets/List extension resources of HCI cluster", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List of AppIds for LocalRulestack ApiVersion", + "displayName": "LocalRulestacks_listAppIds", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listAppIds/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Create or update extension resource of HCI cluster", - "displayName": "Create/Update extension resources of HCI cluster", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List of countries for Rulestack", + "displayName": "LocalRulestacks_listCountries", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listCountries/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Delete extension resources of HCI cluster", - "displayName": "Delete extension resources of HCI cluster", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List of Firewalls associated with Rulestack", + "displayName": "LocalRulestacks_listFirewalls", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listFirewalls/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Upgrade extension resources of HCI cluster", - "displayName": "Upgrade extension resources of HCI cluster", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Upgrade/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List predefined URL categories for rulestack", + "displayName": "LocalRulestacks_listPredefinedUrlCategories", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listPredefinedUrlCategories/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Gets DeploymentSettings", - "displayName": "Gets/List DeploymentSettings resources", - "name": "Microsoft.AzureStackHCI/Clusters/DeploymentSettings/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List the security services for rulestack", + "displayName": "LocalRulestacks_listSecurityServices", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listSecurityServices/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Creates or updates DeploymentSettings resource", - "displayName": "Create/update DeploymentSettings resources", - "name": "Microsoft.AzureStackHCI/Clusters/DeploymentSettings/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Revert rulestack configuration", + "displayName": "LocalRulestacks_revert", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/revert/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Deletes DeploymentSettings resource", - "displayName": "Deletes DeploymentSettings resource", - "name": "Microsoft.AzureStackHCI/Clusters/DeploymentSettings/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List LocalRulesResource resources by LocalRulestacks", + "displayName": "LocalRules_ListByLocalRulestacks", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Gets SecuritySettings of HCI cluster", - "displayName": "Gets/List SecuritySettings", - "name": "Microsoft.AzureStackHCI/Clusters/SecuritySettings/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Create a LocalRulesResource", + "displayName": "LocalRules_CreateOrUpdate", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/write", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Create or updates SecuritySettings resource of HCI cluster", - "displayName": "Create/Update SecuritySettings resources", - "name": "Microsoft.AzureStackHCI/Clusters/SecuritySettings/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Delete a LocalRulesResource", + "displayName": "LocalRules_Delete", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/delete", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Delete SecuritySettings resource of HCI cluster", - "displayName": "Delete SecuritySettings resources", - "name": "Microsoft.AzureStackHCI/Clusters/SecuritySettings/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Get counters", + "displayName": "LocalRules_getCounters", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/getCounters/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Gets/Lists a network security group resource", - "displayName": "Gets/Lists a network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Refresh counters", + "displayName": "LocalRules_refreshCounters", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/refreshCounters/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Gets/Lists security rule resource", - "displayName": "Gets/Lists security rule resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reset counters", + "displayName": "LocalRules_resetCounters", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/resetCounters/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Creates/Updates a network security group resource", - "displayName": "Creates/Updates a network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List FqdnListLocalRulestackResource resources by LocalRulestacks", + "displayName": "FqdnListLocalRulestack_ListByLocalRulestacks", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Creates/Updates security rule resource", - "displayName": "Creates/Updates security rule resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Create a FqdnListLocalRulestackResource", + "displayName": "FqdnListLocalRulestack_CreateOrUpdate", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists/write", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Deletes a network security group resource", - "displayName": "Deletes a network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Delete a FqdnListLocalRulestackResource", + "displayName": "FqdnListLocalRulestack_Delete", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists/delete", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Deletes a security rule resource", - "displayName": "Deletes a security rule resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List PrefixListResource resources by LocalRulestacks", + "displayName": "PrefixListLocalRulestack_ListByLocalRulestacks", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Joins network security group resource", - "displayName": "Joins network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Create a PrefixListResource", + "displayName": "PrefixListLocalRulestack_CreateOrUpdate", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists/write", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Registers the subscription for the Microsoft.HybridCompute Resource Provider", - "displayName": "Register Subscription for Azure Arc for Servers", - "name": "Microsoft.HybridCompute/register/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Delete a PrefixListResource", + "displayName": "PrefixListLocalRulestack_Delete", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists/delete", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Registers the subscription for the Microsoft.GuestConfiguration resource provider.", - "displayName": "Registers the feature for Microsoft.GuestConfiguration", - "name": "Microsoft.GuestConfiguration/register/action", - "providerDisplayName": "Microsoft Guest Configuration", - "providerName": "Microsoft.GuestConfiguration" + "description": "List CertificateObjectLocalRulestackResource resources by LocalRulestacks", + "displayName": "CertificateObjectLocalRulestack_ListByLocalRulestacks", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Get guest configuration assignment.", - "displayName": "Microsoft.GuestConfiguration/guestConfigurationAssignments/read", - "name": "Microsoft.GuestConfiguration/guestConfigurationAssignments/read", - "providerDisplayName": "Microsoft Guest Configuration", - "providerName": "Microsoft.GuestConfiguration" + "description": "Create a CertificateObjectLocalRulestackResource", + "displayName": "CertificateObjectLocalRulestack_CreateOrUpdate", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates/write", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Creates or updates a resource group.", - "displayName": "Create Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Delete a CertificateObjectLocalRulestackResource", + "displayName": "CertificateObjectLocalRulestack_Delete", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates/delete", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" }, { - "description": "Deletes a resource group and all its resources.", - "displayName": "Delete Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/delete", + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Register the subscription for Microsoft.HybridConnectivity", - "displayName": "Register the Microsoft.HybridConnectivity", - "name": "Microsoft.HybridConnectivity/register/action", - "providerDisplayName": "Microsoft.HybridConnectivity", - "providerName": "Microsoft.HybridConnectivity" - }, - { - "description": "Create a role assignment at the specified scope.", - "displayName": "Create role assignment", - "name": "Microsoft.Authorization/roleAssignments/write", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Delete a role assignment at the specified scope.", - "displayName": "Delete role assignment", - "name": "Microsoft.Authorization/roleAssignments/delete", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the availability statuses for all resources in the specified scope", + "displayName": "Get Availability Statuses", + "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", + "providerDisplayName": "Microsoft ResourceHealth", + "providerName": "Microsoft.ResourceHealth" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Registers Support Resource Provider", + "displayName": "Registers Support Resource Provider", + "name": "Microsoft.Support/register/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Looks up resource Id for resource type", + "displayName": "Look Up Resource Id", + "name": "Microsoft.Support/lookUpResourceId/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Checks that name is valid and not in use for resource type", + "displayName": "Check Name Availability", + "name": "Microsoft.Support/checkNameAvailability/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists one or all support tickets", + "displayName": "Reads Support Ticket", + "name": "Microsoft.Support/supportTickets/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Allows creating and updating a support ticket", + "displayName": "Writes Support Ticket", + "name": "Microsoft.Support/supportTickets/write", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists one or all Azure services available for support", + "displayName": "Reads Services", + "name": "Microsoft.Support/services/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists one or all problem classifications for an Azure service", + "displayName": "Reads Problem Classifications", + "name": "Microsoft.Support/services/problemClassifications/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Gets the result of the asynchronous operation", + "displayName": "Get Operation Result", + "name": "Microsoft.Support/operationresults/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Gets the status of the asynchronous operation", + "displayName": "Get Operation Status", + "name": "Microsoft.Support/operationsstatus/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists all operations available on Microsoft.Support resource provider", + "displayName": "Lists operations", + "name": "Microsoft.Support/operations/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "PaloAltoNetworks.Cloudngfw/localRulestacks/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Authorization/*/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/*", + "Microsoft.Support/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants full access to manage backup and export resources", + "hasExternal": false, + "hasUnknown": false, + "name": "MySQL Backup And Export Operator", + "permittedActions": [ + { + "description": "Validate that the server is ready for backup.", + "displayName": "Validate MySQL Server BackupAndExport", + "name": "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Creates a server backup for long term with specific backup name and export it.", + "displayName": "Create MySQL Server LTR BackupAndExport", + "name": "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Return ResourceGroup based MySQL Server Operation Results", + "displayName": "Get MySQL ResourceGroup based Server Operation Results ", + "name": "Microsoft.DBforMySQL/locations/operationResults/read", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Return MySQL Server Operation Results", + "displayName": "Get MySQL Server Operation Results", + "name": "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", + "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", + "Microsoft.DBforMySQL/locations/operationResults/read", + "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Stack HCI Administrator", + "permittedActions": [ + { + "description": "Registers the subscription for the Azure Stack HCI resource provider and enables the creation of Azure Stack HCI resources.", + "displayName": "Registers the Azure Stack HCI Resource Provider", + "name": "Microsoft.AzureStackHCI/Register/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Unregisters the subscription for the Azure Stack HCI resource provider.", + "displayName": "Unregisters the Azure Stack HCI Resource Provider", + "name": "Microsoft.AzureStackHCI/Unregister/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets clusters", + "displayName": "Gets/List cluster resources", + "name": "Microsoft.AzureStackHCI/Clusters/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates or updates a cluster", + "displayName": "Create/update cluster resources", + "name": "Microsoft.AzureStackHCI/Clusters/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes cluster resource", + "displayName": "Deletes cluster resource", + "name": "Microsoft.AzureStackHCI/Clusters/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Adds Arc Nodes to the cluster", + "displayName": "Adds Arc Nodes to the cluster", + "name": "Microsoft.AzureStackHCI/Clusters/AddNodes/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Create cluster identity", + "displayName": "Create cluster identity", + "name": "Microsoft.AzureStackHCI/Clusters/CreateClusterIdentity/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Upload cluster certificate", + "displayName": "Upload cluster certificate", + "name": "Microsoft.AzureStackHCI/Clusters/UploadCertificate/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets arc resource of HCI cluster", + "displayName": "Gets/List arc resources", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Create or updates arc resource of HCI cluster", + "displayName": "Create/Update arc resources", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Delete arc resource of HCI cluster", + "displayName": "Delete arc resources", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Generate password for Arc settings identity", + "displayName": "Generate password for Arc settings identity", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/GeneratePassword/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Create Arc settings identity", + "displayName": "Create Arc settings identity", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/CreateArcIdentity/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Updates Consent Time and Installs default extensions", + "displayName": "Updates Consent Time and Installs default extensions", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/ConsentAndInstallDefaultExtensions/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Initializes disable process for arc settings resource", + "displayName": "Initializes disable process for arc settings resource", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/InitializeDisableProcess/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets extension resource of HCI cluster", + "displayName": "Gets/List extension resources of HCI cluster", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Create or update extension resource of HCI cluster", + "displayName": "Create/Update extension resources of HCI cluster", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Delete extension resources of HCI cluster", + "displayName": "Delete extension resources of HCI cluster", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Upgrade extension resources of HCI cluster", + "displayName": "Upgrade extension resources of HCI cluster", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Extensions/Upgrade/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets DeploymentSettings", + "displayName": "Gets/List DeploymentSettings resources", + "name": "Microsoft.AzureStackHCI/Clusters/DeploymentSettings/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates or updates DeploymentSettings resource", + "displayName": "Create/update DeploymentSettings resources", + "name": "Microsoft.AzureStackHCI/Clusters/DeploymentSettings/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes DeploymentSettings resource", + "displayName": "Deletes DeploymentSettings resource", + "name": "Microsoft.AzureStackHCI/Clusters/DeploymentSettings/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets SecuritySettings of HCI cluster", + "displayName": "Gets/List SecuritySettings", + "name": "Microsoft.AzureStackHCI/Clusters/SecuritySettings/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Create or updates SecuritySettings resource of HCI cluster", + "displayName": "Create/Update SecuritySettings resources", + "name": "Microsoft.AzureStackHCI/Clusters/SecuritySettings/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Delete SecuritySettings resource of HCI cluster", + "displayName": "Delete SecuritySettings resources", + "name": "Microsoft.AzureStackHCI/Clusters/SecuritySettings/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists a network security group resource", + "displayName": "Gets/Lists a network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists security rule resource", + "displayName": "Gets/Lists security rule resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates a network security group resource", + "displayName": "Creates/Updates a network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates security rule resource", + "displayName": "Creates/Updates security rule resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes a network security group resource", + "displayName": "Deletes a network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes a security rule resource", + "displayName": "Deletes a security rule resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Joins network security group resource", + "displayName": "Joins network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/join/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Registers the subscription for the Microsoft.HybridCompute Resource Provider", + "displayName": "Register Subscription for Azure Arc for Servers", + "name": "Microsoft.HybridCompute/register/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Registers the subscription for the Microsoft.GuestConfiguration resource provider.", + "displayName": "Registers the feature for Microsoft.GuestConfiguration", + "name": "Microsoft.GuestConfiguration/register/action", + "providerDisplayName": "Microsoft Guest Configuration", + "providerName": "Microsoft.GuestConfiguration" + }, + { + "description": "Get guest configuration assignment.", + "displayName": "Microsoft.GuestConfiguration/guestConfigurationAssignments/read", + "name": "Microsoft.GuestConfiguration/guestConfigurationAssignments/read", + "providerDisplayName": "Microsoft Guest Configuration", + "providerName": "Microsoft.GuestConfiguration" + }, + { + "description": "Creates or updates a resource group.", + "displayName": "Create Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a resource group and all its resources.", + "displayName": "Delete Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Register the subscription for Microsoft.HybridConnectivity", + "displayName": "Register the Microsoft.HybridConnectivity", + "name": "Microsoft.HybridConnectivity/register/action", + "providerDisplayName": "Microsoft.HybridConnectivity", + "providerName": "Microsoft.HybridConnectivity" + }, + { + "description": "Create a role assignment at the specified scope.", + "displayName": "Create role assignment", + "name": "Microsoft.Authorization/roleAssignments/write", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Delete a role assignment at the specified scope.", + "displayName": "Delete role assignment", + "name": "Microsoft.Authorization/roleAssignments/delete", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1039508,74 +1040226,6 @@ } ] }, - { - "description": "Grants full access to manage backup and export resources", - "hasExternal": false, - "hasUnknown": false, - "name": "MySQL Backup And Export Operator", - "permittedActions": [ - { - "description": "Validate that the server is ready for backup.", - "displayName": "Validate MySQL Server BackupAndExport", - "name": "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Creates a server backup for long term with specific backup name and export it.", - "displayName": "Create MySQL Server LTR BackupAndExport", - "name": "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Return ResourceGroup based MySQL Server Operation Results", - "displayName": "Get MySQL ResourceGroup based Server Operation Results ", - "name": "Microsoft.DBforMySQL/locations/operationResults/read", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Return MySQL Server Operation Results", - "displayName": "Get MySQL Server Operation Results", - "name": "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", - "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", - "Microsoft.DBforMySQL/locations/operationResults/read", - "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Allows user to create, modify, describe, or delete NGFirewalls.", "hasExternal": true, @@ -1040212,614 +1040862,6 @@ } ] }, - { - "description": "Allows users to create, modify, describe, or delete Rulestacks.", - "hasExternal": true, - "hasUnknown": false, - "name": "LocalRulestacksAdministrator role", - "permittedActions": [ - { - "description": "List LocalRulestackResource resources by subscription ID", - "displayName": "LocalRulestacks_ListBySubscription", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get a LocalRulestackResource", - "displayName": "LocalRulestacks_Get", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Create a LocalRulestackResource", - "displayName": "LocalRulestacks_CreateOrUpdate", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/write", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Delete a LocalRulestackResource", - "displayName": "LocalRulestacks_Delete", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/delete", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Commit rulestack configuration", - "displayName": "LocalRulestacks_commit", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/commit/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get changelog", - "displayName": "LocalRulestacks_getChangeLog", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/getChangeLog/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get the list of advanced security objects", - "displayName": "LocalRulestacks_listAdvancedSecurityObjects", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listAdvancedSecurityObjects/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List of AppIds for LocalRulestack ApiVersion", - "displayName": "LocalRulestacks_listAppIds", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listAppIds/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List of countries for Rulestack", - "displayName": "LocalRulestacks_listCountries", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listCountries/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List of Firewalls associated with Rulestack", - "displayName": "LocalRulestacks_listFirewalls", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listFirewalls/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List predefined URL categories for rulestack", - "displayName": "LocalRulestacks_listPredefinedUrlCategories", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listPredefinedUrlCategories/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List the security services for rulestack", - "displayName": "LocalRulestacks_listSecurityServices", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/listSecurityServices/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Revert rulestack configuration", - "displayName": "LocalRulestacks_revert", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/revert/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List LocalRulesResource resources by LocalRulestacks", - "displayName": "LocalRules_ListByLocalRulestacks", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Create a LocalRulesResource", - "displayName": "LocalRules_CreateOrUpdate", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/write", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Delete a LocalRulesResource", - "displayName": "LocalRules_Delete", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/delete", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get counters", - "displayName": "LocalRules_getCounters", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/getCounters/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Refresh counters", - "displayName": "LocalRules_refreshCounters", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/refreshCounters/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Reset counters", - "displayName": "LocalRules_resetCounters", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/localRules/resetCounters/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List FqdnListLocalRulestackResource resources by LocalRulestacks", - "displayName": "FqdnListLocalRulestack_ListByLocalRulestacks", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Create a FqdnListLocalRulestackResource", - "displayName": "FqdnListLocalRulestack_CreateOrUpdate", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists/write", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Delete a FqdnListLocalRulestackResource", - "displayName": "FqdnListLocalRulestack_Delete", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/fqdnlists/delete", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List PrefixListResource resources by LocalRulestacks", - "displayName": "PrefixListLocalRulestack_ListByLocalRulestacks", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Create a PrefixListResource", - "displayName": "PrefixListLocalRulestack_CreateOrUpdate", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists/write", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Delete a PrefixListResource", - "displayName": "PrefixListLocalRulestack_Delete", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/prefixlists/delete", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List CertificateObjectLocalRulestackResource resources by LocalRulestacks", - "displayName": "CertificateObjectLocalRulestack_ListByLocalRulestacks", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Create a CertificateObjectLocalRulestackResource", - "displayName": "CertificateObjectLocalRulestack_CreateOrUpdate", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates/write", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Delete a CertificateObjectLocalRulestackResource", - "displayName": "CertificateObjectLocalRulestack_Delete", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/certificates/delete", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the availability statuses for all resources in the specified scope", - "displayName": "Get Availability Statuses", - "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", - "providerDisplayName": "Microsoft ResourceHealth", - "providerName": "Microsoft.ResourceHealth" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Registers Support Resource Provider", - "displayName": "Registers Support Resource Provider", - "name": "Microsoft.Support/register/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Looks up resource Id for resource type", - "displayName": "Look Up Resource Id", - "name": "Microsoft.Support/lookUpResourceId/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Checks that name is valid and not in use for resource type", - "displayName": "Check Name Availability", - "name": "Microsoft.Support/checkNameAvailability/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all support tickets", - "displayName": "Reads Support Ticket", - "name": "Microsoft.Support/supportTickets/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Allows creating and updating a support ticket", - "displayName": "Writes Support Ticket", - "name": "Microsoft.Support/supportTickets/write", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all Azure services available for support", - "displayName": "Reads Services", - "name": "Microsoft.Support/services/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all problem classifications for an Azure service", - "displayName": "Reads Problem Classifications", - "name": "Microsoft.Support/services/problemClassifications/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Gets the result of the asynchronous operation", - "displayName": "Get Operation Result", - "name": "Microsoft.Support/operationresults/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Gets the status of the asynchronous operation", - "displayName": "Get Operation Status", - "name": "Microsoft.Support/operationsstatus/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists all operations available on Microsoft.Support resource provider", - "displayName": "Lists operations", - "name": "Microsoft.Support/operations/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "PaloAltoNetworks.Cloudngfw/localRulestacks/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Authorization/*/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Insights/alertRules/*", - "Microsoft.Support/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Microsoft.AzureArcData service role to enable deployment of Azure Extension for SQL Server", "hasExternal": false, @@ -1040969,374 +1041011,6 @@ } ] }, - { - "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", - "hasExternal": false, - "hasUnknown": false, - "name": "API Management Service Workspace API Product Manager", - "permittedActions": [ - { - "description": "Lists a collection of registered users in the specified service instance. or Gets the details of the user specified by its identifier.", - "displayName": "Get users list or Get user details", - "name": "Microsoft.ApiManagement/service/users/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", - "displayName": "Get Tags list or Tag details", - "name": "Microsoft.ApiManagement/service/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", - "displayName": "Get links or Get Tag-API details", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Tag-API link.", - "displayName": "Create Tag-API link", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete Tag-API link.", - "displayName": "Remove Tag-API link", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", - "displayName": "Get links or Get Tag-operation details", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Tag-operation link.", - "displayName": "Create Tag-operation link", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete Tag-operation link.", - "displayName": "Remove Tag-operation link", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", - "displayName": "Get links or Get Tag-product details", - "name": "Microsoft.ApiManagement/service/tags/productLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Tag-product link.", - "displayName": "Create Tag-product link", - "name": "Microsoft.ApiManagement/service/tags/productLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete Tag-product link.", - "displayName": "Remove Tag-product link", - "name": "Microsoft.ApiManagement/service/tags/productLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", - "displayName": "Get product list or Get product details", - "name": "Microsoft.ApiManagement/service/products/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", - "displayName": "Get links or Get product-API details", - "name": "Microsoft.ApiManagement/service/products/apiLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a product-API link.", - "displayName": "Create product-API link", - "name": "Microsoft.ApiManagement/service/products/apiLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete product-API link.", - "displayName": "Remove product-API link", - "name": "Microsoft.ApiManagement/service/products/apiLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", - "displayName": "Get groups list or Get group details", - "name": "Microsoft.ApiManagement/service/groups/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of user entities associated with the group.", - "displayName": "Get group users list", - "name": "Microsoft.ApiManagement/service/groups/users/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Add existing user to existing group", - "displayName": "Add user to group", - "name": "Microsoft.ApiManagement/service/groups/users/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Remove existing user from existing group.", - "displayName": "Remove user from group", - "name": "Microsoft.ApiManagement/service/groups/users/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Read metadata for an API Management Service instance", - "displayName": "Read metadata for an API Management Service instance", - "name": "Microsoft.ApiManagement/service/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of authorization servers defined within a service instance. or Gets the details of the authorization server without secrets.", - "displayName": "Get authorization service list or Get authorization server details without secrets", - "name": "Microsoft.ApiManagement/service/authorizationServers/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ApiManagement/service/users/read", - "Microsoft.ApiManagement/service/tags/read", - "Microsoft.ApiManagement/service/tags/apiLinks/*", - "Microsoft.ApiManagement/service/tags/operationLinks/*", - "Microsoft.ApiManagement/service/tags/productLinks/*", - "Microsoft.ApiManagement/service/products/read", - "Microsoft.ApiManagement/service/products/apiLinks/*", - "Microsoft.ApiManagement/service/groups/read", - "Microsoft.ApiManagement/service/groups/users/*", - "Microsoft.ApiManagement/service/read", - "Microsoft.ApiManagement/service/authorizationServers/read", - "Microsoft.Authorization/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", "hasExternal": false, @@ -1042548,11 +1042222,46 @@ ] }, { - "description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.", + "description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.", "hasExternal": false, "hasUnknown": false, - "name": "API Management Workspace Reader", + "name": "API Management Workspace Contributor", "permittedActions": [ + { + "description": "Joins a service workspace. Not Alertable.", + "displayName": "Join an API Management service workspace", + "name": "Microsoft.ApiManagement/service/workspaces/join/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of Workspaces defined within a service instance. or Gets the details of the Workspace specified by its identifier.", + "displayName": "Get list of Workspaces or Workspace details", + "name": "Microsoft.ApiManagement/service/workspaces/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates Workspace. or Updates the details of the Workspace specified by its identifier.", + "displayName": "Add Workspace or Update Workspace", + "name": "Microsoft.ApiManagement/service/workspaces/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific Workspace of the API Management service instance.", + "displayName": "Remove Workspace", + "name": "Microsoft.ApiManagement/service/workspaces/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Sends notification to a specified user", + "displayName": "Send notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", "displayName": "Get all named values or Get named value details", @@ -1042560,6 +1042269,34 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates named value. or Updates the specific named value.", + "displayName": "Create named value or Update named value", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific named value from the API Management service instance.", + "displayName": "Remove named value", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Gets the secret of the named value specified by its identifier.", + "displayName": "Get the value", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/listValue/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Refreshes named value by fetching it from Key Vault.", + "displayName": "Refresh certificate from KeyVault", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/refreshSecret/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all APIs of the API Management service instance. or Gets the details of the API specified by its identifier.", "displayName": "Get API list or Get API details", @@ -1042567,6 +1042304,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates new or updates existing specified API of the API Management service instance. or Updates the specified API of the API Management service instance.", + "displayName": "Create API or Update API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified API of the API Management service instance.", + "displayName": "Remove API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", "displayName": "Get API operations or Get API operation details", @@ -1042574,6 +1042325,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates a new operation in the API or updates an existing one. or Updates the details of the operation in the API specified by its identifier.", + "displayName": "Create API operation or Update API operation", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified operation in the API.", + "displayName": "Remove API operation", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", "displayName": "Get API Operation policies or Get API operation policy configuration", @@ -1042581,6 +1042346,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates policy configuration for the API Operation level.", + "displayName": "Set API operation policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the policy configuration at the Api Operation.", + "displayName": "Remove API Operation policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", "displayName": "Get API policies or Get API policy configuration", @@ -1042588,6 +1042367,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates policy configuration for the API.", + "displayName": "Set API policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the policy configuration at the Api.", + "displayName": "Remove API policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", @@ -1042595,6 +1042388,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates schema configuration for the API.", + "displayName": "Sets schema used by the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the schema configuration at the Api.", + "displayName": "Removes schema for the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get the document describing the Schema", "displayName": "Get the document for the schema", @@ -1042602,6 +1042409,13 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Update the document describing the Schema", + "displayName": "Update the document for the schema", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", "displayName": "Get version set list or Get versionSet details", @@ -1042609,6 +1042423,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a Api Version Set. or Updates the details of the Api VersionSet specified by its identifier.", + "displayName": "Create VersionSet or Update VersionSet", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific Api Version Set.", + "displayName": "Remove VersionSet", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get list of version entities", "displayName": "Get VersionSet version entity list", @@ -1042623,6 +1042451,41 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates the subscription of specified user to the specified product. or Updates the details of a subscription specified by its identifier.", + "displayName": "Subscribe to product or Update subscription", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified subscription.", + "displayName": "Delete subscription", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Regenerates primary key of existing subscription of the API Management service instance.", + "displayName": "Regenerate subscription PK", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regeneratePrimaryKey/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Regenerates secondary key of existing subscription of the API Management service instance.", + "displayName": "Regenerate subscription SK", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regenerateSecondaryKey/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Gets the specified Subscription keys.", + "displayName": "Get subscripiton keys", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/listSecrets/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", "displayName": "Get product list or Get product details", @@ -1042630,6 +1042493,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a product. or Update existing product details.", + "displayName": "Create product or Update product", + "name": "Microsoft.ApiManagement/service/workspaces/products/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete product.", + "displayName": "Remove product", + "name": "Microsoft.ApiManagement/service/workspaces/products/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", "displayName": "Get Product policies or Get Product policy configuration", @@ -1042637,6 +1042514,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates policy configuration for the Product.", + "displayName": "Set Product policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the policy configuration at the Product.", + "displayName": "Remove Product policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", "displayName": "Get Workspace policies or Get Workspace policy configuration", @@ -1042644,6 +1042535,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates policy configuration for the Workspace.", + "displayName": "Set Workspace policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/policies/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the policy configuration at the Workspace.", + "displayName": "Remove Workspace policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/policies/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", "displayName": "Get links or Get product-group details", @@ -1042651,6 +1042556,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a product-group link.", + "displayName": "Create product-group link", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete product-group link.", + "displayName": "Remove product-group link", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", "displayName": "Get links or Get product-API details", @@ -1042658,6 +1042577,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a product-API link.", + "displayName": "Create product-API link", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete product-API link.", + "displayName": "Remove product-API link", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", "displayName": "Get Tags list or Tag details", @@ -1042665,6 +1042598,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates a tag. or Updates the details of the tag specified by its identifier.", + "displayName": "Add Tag or Update Tag", + "name": "Microsoft.ApiManagement/service/workspaces/tags/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific tag of the API Management service instance.", + "displayName": "Remove Tag", + "name": "Microsoft.ApiManagement/service/workspaces/tags/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", "displayName": "Get links or Get Tag-API details", @@ -1042672,6 +1042619,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a Tag-API link.", + "displayName": "Create Tag-API link", + "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete Tag-API link.", + "displayName": "Remove Tag-API link", + "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", "displayName": "Get links or Get Tag-product details", @@ -1042679,6 +1042640,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a Tag-product link.", + "displayName": "Create Tag-product link", + "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete Tag-product link.", + "displayName": "Remove Tag-product link", + "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", "displayName": "Get links or Get Tag-operation details", @@ -1042686,6 +1042661,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a Tag-operation link.", + "displayName": "Create Tag-operation link", + "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete Tag-operation link.", + "displayName": "Remove Tag-operation link", + "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Gets the list of the Notification Recipient User subscribed to the notification.", "displayName": "Get recipient users for the Notification", @@ -1042693,6 +1042682,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Adds the API Management User to the list of Recipients for the Notification.", + "displayName": "Add user to notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Removes the API Management user from the list of Notification.", + "displayName": "Removes user from notification recipients", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", "displayName": "Get Email Recipients associated with Publisher Notification", @@ -1042700,6 +1042703,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Adds the Email address to the list of Recipients for the Notification.", + "displayName": "Create new email recipient", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Removes the email from the list of Notification.", + "displayName": "Removes email associated with notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", "displayName": "Get schemas list or Get schema details", @@ -1042707,6 +1042724,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates an Schema to be used in Api Management instance.", + "displayName": "Create schema", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific Schema.", + "displayName": "Remove schema", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", "displayName": "Get revisions for an API or Get API release details", @@ -1042714,6 +1042745,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Removes all releases of the API or Deletes the specified release in the API.", + "displayName": "Removes all releases of the API or Delete API release", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates a new Release for the API. or Updates the details of the release of the API specified by its identifier.", + "displayName": "Create API release or Update API release", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", "displayName": "Get tags associated with the Operation or Tag details", @@ -1042721,6 +1042766,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Assign tag to the Operation.", + "displayName": "Associate Tag with Operation", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Detach the tag from the Operation.", + "displayName": "Delete Tag with Operation association", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all revisions of an API.", "displayName": "Get revisions for an API", @@ -1042742,6 +1042801,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Assign tag to the Api.", + "displayName": "Add Tag", + "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Detach the tag from the Api.", + "displayName": "Remove Tag", + "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of operations associated with tags.", "displayName": "Get Operation-Tag associations list", @@ -1042756,6 +1042829,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Adds an API to the specified product.", + "displayName": "Add API to product", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified API from the specified product.", + "displayName": "Remove API from product", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists the collection of developer groups associated with the specified product.", "displayName": "Get product groups list", @@ -1042763,6 +1042850,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Adds the association between the specified developer group with the specified product.", + "displayName": "Associate group with product", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the association between the specified group and product.", + "displayName": "Delete group with product association", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists the collection of subscriptions to the specified product.", "displayName": "Get product subscriptions list", @@ -1042777,6 +1042878,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Assign tag to the Product.", + "displayName": "Associate Tag with Product", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Detach the tag from the Product.", + "displayName": "Delete Tag with Product association", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", "displayName": "Get groups list or Get group details", @@ -1042784,6 +1042899,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a group. or Updates the details of the group specified by its identifier.", + "displayName": "Create group or Update group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific group of the API Management service instance.", + "displayName": "Remove group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of user entities associated with the group.", "displayName": "Get group users list", @@ -1042791,6 +1042920,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Add existing user to existing group", + "displayName": "Add user to group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Remove existing user from existing group.", + "displayName": "Remove user from group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Gets all policy fragments. or Gets a policy fragment.", "displayName": "Get policy fragments or Get policy fragment", @@ -1042798,6 +1042941,27 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates a policy fragment.", + "displayName": "Set policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes a policy fragment.", + "displayName": "Delete policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists policy resources that reference the policy fragment.", + "displayName": "List policy fragment references", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/listReferences/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", "displayName": "Get all publisher notifications or Get publisher notification details", @@ -1042805,6 +1042969,13 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Create or Update API Management publisher notification.", + "displayName": "Create publisher notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all Documentations of the API Management service instance. or Gets the details of the documentation specified by its identifier.", "displayName": "Get documentations list or Get documentation details", @@ -1042812,6 +1042983,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a documentation. or Updates the specified documentation of the API Management service instance.", + "displayName": "Create documentation or Update documentation", + "name": "Microsoft.ApiManagement/service/workspaces/documentations/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete documentation.", + "displayName": "Remove documentation", + "name": "Microsoft.ApiManagement/service/workspaces/documentations/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", "displayName": "Get certificates list or Get cerificate details", @@ -1042819,6 +1043004,27 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or updates the certificate being used for authentication with the backend.", + "displayName": "Add certificate", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific certificate.", + "displayName": "Remove certificate", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Refreshes certificate by fetching it from Key Vault.", + "displayName": "Refresh certificate from KeyVault", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/refreshSecret/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", "displayName": "Get loggers list or Get logger details", @@ -1042826,6 +1043032,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a logger. or Updates an existing logger.", + "displayName": "Add logger or Update logger", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified logger.", + "displayName": "Remove logger", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", "displayName": "Get diagnostics list or Get diagnostic details", @@ -1042833,6 +1043053,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates a new Diagnostic for an API or updates an existing one. or Updates the details of the Diagnostic for an API specified by its identifier.", + "displayName": "Add diagnostic or Update diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified Diagnostic from an API.", + "displayName": "Remove diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", "displayName": "Get list of backend or Get backend details", @@ -1042840,6 +1043074,27 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates or Updates a Api Version Set. or Updates the details of the backend specified by its identifier.", + "displayName": "Add Backend or Update backend", + "name": "Microsoft.ApiManagement/service/workspaces/backends/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific Api Version Set.", + "displayName": "Remove backend", + "name": "Microsoft.ApiManagement/service/workspaces/backends/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Notifies the APIM proxy to create a new connection to the backend after the specified timeout. If no timeout was specified, timeout of 2 minutes is used.", + "displayName": "Create Request", + "name": "Microsoft.ApiManagement/service/workspaces/backends/reconnect/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", "displayName": "Get diagnostics list or Get diagnostic details", @@ -1042847,6 +1043102,20 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Creates a new Diagnostic for a workspace or updates an existing one. or Updates the details of the Diagnostic for a workspace specified by its identifier.", + "displayName": "Add diagnostic or Update diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified Diagnostic from a workspace.", + "displayName": "Remove diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1043041,7 +1043310,7 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ApiManagement/service/workspaces/*/read", + "Microsoft.ApiManagement/service/workspaces/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -1043053,10 +1043322,10 @@ ] }, { - "description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.", + "description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.", "hasExternal": false, "hasUnknown": false, - "name": "API Management Workspace API Product Manager", + "name": "API Management Workspace Reader", "permittedActions": [ { "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", @@ -1043352,391 +1043621,6 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, - { - "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", - "displayName": "Get product list or Get product details", - "name": "Microsoft.ApiManagement/service/workspaces/products/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a product. or Update existing product details.", - "displayName": "Create product or Update product", - "name": "Microsoft.ApiManagement/service/workspaces/products/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete product.", - "displayName": "Remove product", - "name": "Microsoft.ApiManagement/service/workspaces/products/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", - "displayName": "Get Product policies or Get Product policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates policy configuration for the Product.", - "displayName": "Set Product policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the policy configuration at the Product.", - "displayName": "Remove Product policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", - "displayName": "Get links or Get product-group details", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a product-group link.", - "displayName": "Create product-group link", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete product-group link.", - "displayName": "Remove product-group link", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", - "displayName": "Get links or Get product-API details", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a product-API link.", - "displayName": "Create product-API link", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete product-API link.", - "displayName": "Remove product-API link", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of the APIs associated with a product.", - "displayName": "Get product APIs list", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Adds an API to the specified product.", - "displayName": "Add API to product", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the specified API from the specified product.", - "displayName": "Remove API from product", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists the collection of developer groups associated with the specified product.", - "displayName": "Get product groups list", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Adds the association between the specified developer group with the specified product.", - "displayName": "Associate group with product", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the association between the specified group and product.", - "displayName": "Delete group with product association", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists the collection of subscriptions to the specified product.", - "displayName": "Get product subscriptions list", - "name": "Microsoft.ApiManagement/service/workspaces/products/subscriptions/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all Tags associated with the Product. or Get tag associated with the Product.", - "displayName": "Get product tags or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Assign tag to the Product.", - "displayName": "Associate Tag with Product", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Detach the tag from the Product.", - "displayName": "Delete Tag with Product association", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", - "displayName": "Get subscriptions list or Get subscripiton details", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates the subscription of specified user to the specified product. or Updates the details of a subscription specified by its identifier.", - "displayName": "Subscribe to product or Update subscription", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the specified subscription.", - "displayName": "Delete subscription", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Regenerates primary key of existing subscription of the API Management service instance.", - "displayName": "Regenerate subscription PK", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regeneratePrimaryKey/action", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Regenerates secondary key of existing subscription of the API Management service instance.", - "displayName": "Regenerate subscription SK", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regenerateSecondaryKey/action", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Gets the specified Subscription keys.", - "displayName": "Get subscripiton keys", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/listSecrets/action", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", - "displayName": "Get groups list or Get group details", - "name": "Microsoft.ApiManagement/service/workspaces/groups/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a group. or Updates the details of the group specified by its identifier.", - "displayName": "Create group or Update group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes specific group of the API Management service instance.", - "displayName": "Remove group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of user entities associated with the group.", - "displayName": "Get group users list", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Add existing user to existing group", - "displayName": "Add user to group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Remove existing user from existing group.", - "displayName": "Remove user from group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", - "displayName": "Get Tags list or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates a tag. or Updates the details of the tag specified by its identifier.", - "displayName": "Add Tag or Update Tag", - "name": "Microsoft.ApiManagement/service/workspaces/tags/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes specific tag of the API Management service instance.", - "displayName": "Remove Tag", - "name": "Microsoft.ApiManagement/service/workspaces/tags/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", - "displayName": "Get links or Get Tag-API details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Tag-API link.", - "displayName": "Create Tag-API link", - "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete Tag-API link.", - "displayName": "Remove Tag-API link", - "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", - "displayName": "Get links or Get Tag-product details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Tag-product link.", - "displayName": "Create Tag-product link", - "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete Tag-product link.", - "displayName": "Remove Tag-product link", - "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", - "displayName": "Get links or Get Tag-operation details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Tag-operation link.", - "displayName": "Create Tag-operation link", - "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete Tag-operation link.", - "displayName": "Remove Tag-operation link", - "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Sends notification to a specified user", - "displayName": "Send notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/action", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Gets the list of the Notification Recipient User subscribed to the notification.", - "displayName": "Get recipient users for the Notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Adds the API Management User to the list of Recipients for the Notification.", - "displayName": "Add user to notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Removes the API Management user from the list of Notification.", - "displayName": "Removes user from notification recipients", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", - "displayName": "Get Email Recipients associated with Publisher Notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Adds the Email address to the list of Recipients for the Notification.", - "displayName": "Create new email recipient", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Removes the email from the list of Notification.", - "displayName": "Removes email associated with notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", - "displayName": "Get all publisher notifications or Get publisher notification details", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Create or Update API Management publisher notification.", - "displayName": "Create publisher notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1043932,11 +1043816,6 @@ { "actions": [ "Microsoft.ApiManagement/service/workspaces/*/read", - "Microsoft.ApiManagement/service/workspaces/products/*", - "Microsoft.ApiManagement/service/workspaces/subscriptions/*", - "Microsoft.ApiManagement/service/workspaces/groups/*", - "Microsoft.ApiManagement/service/workspaces/tags/*", - "Microsoft.ApiManagement/service/workspaces/notifications/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -1043948,702 +1043827,540 @@ ] }, { - "description": "Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.", + "description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.", "hasExternal": false, "hasUnknown": false, - "name": "API Management Service Workspace API Developer", + "name": "API Management Workspace API Product Manager", "permittedActions": [ { - "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", - "displayName": "Get Tags list or Tag details", - "name": "Microsoft.ApiManagement/service/tags/read", + "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", + "displayName": "Get all named values or Get named value details", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", - "displayName": "Get links or Get Tag-API details", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/read", + "description": "Lists all APIs of the API Management service instance. or Gets the details of the API specified by its identifier.", + "displayName": "Get API list or Get API details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Tag-API link.", - "displayName": "Create Tag-API link", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/write", + "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", + "displayName": "Get API operations or Get API operation details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete Tag-API link.", - "displayName": "Remove Tag-API link", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/delete", + "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", + "displayName": "Get API Operation policies or Get API operation policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", - "displayName": "Get links or Get Tag-operation details", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/read", + "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", + "displayName": "Get API policies or Get API policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Tag-operation link.", - "displayName": "Create Tag-operation link", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/write", + "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", + "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete Tag-operation link.", - "displayName": "Remove Tag-operation link", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/delete", + "description": "Get the document describing the Schema", + "displayName": "Get the document for the schema", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", - "displayName": "Get links or Get Tag-product details", - "name": "Microsoft.ApiManagement/service/tags/productLinks/read", + "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", + "displayName": "Get version set list or Get versionSet details", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Tag-product link.", - "displayName": "Create Tag-product link", - "name": "Microsoft.ApiManagement/service/tags/productLinks/write", + "description": "Get list of version entities", + "displayName": "Get VersionSet version entity list", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/versions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete Tag-product link.", - "displayName": "Remove Tag-product link", - "name": "Microsoft.ApiManagement/service/tags/productLinks/delete", + "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", + "displayName": "Get subscriptions list or Get subscripiton details", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", "displayName": "Get product list or Get product details", - "name": "Microsoft.ApiManagement/service/products/read", + "name": "Microsoft.ApiManagement/service/workspaces/products/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", - "displayName": "Get links or Get product-API details", - "name": "Microsoft.ApiManagement/service/products/apiLinks/read", + "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", + "displayName": "Get Product policies or Get Product policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a product-API link.", - "displayName": "Create product-API link", - "name": "Microsoft.ApiManagement/service/products/apiLinks/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Delete product-API link.", - "displayName": "Remove product-API link", - "name": "Microsoft.ApiManagement/service/products/apiLinks/delete", + "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", + "displayName": "Get Workspace policies or Get Workspace policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Read metadata for an API Management Service instance", - "displayName": "Read metadata for an API Management Service instance", - "name": "Microsoft.ApiManagement/service/read", + "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", + "displayName": "Get links or Get product-group details", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of authorization servers defined within a service instance. or Gets the details of the authorization server without secrets.", - "displayName": "Get authorization service list or Get authorization server details without secrets", - "name": "Microsoft.ApiManagement/service/authorizationServers/read", + "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", + "displayName": "Get links or Get product-API details", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", + "displayName": "Get Tags list or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/tags/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", + "displayName": "Get links or Get Tag-API details", + "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", + "displayName": "Get links or Get Tag-product details", + "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", + "displayName": "Get links or Get Tag-operation details", + "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Gets the list of the Notification Recipient User subscribed to the notification.", + "displayName": "Get recipient users for the Notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", + "displayName": "Get Email Recipients associated with Publisher Notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", + "displayName": "Get schemas list or Get schema details", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", + "displayName": "Get revisions for an API or Get API release details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", + "displayName": "Get tags associated with the Operation or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ApiManagement/service/tags/read", - "Microsoft.ApiManagement/service/tags/apiLinks/*", - "Microsoft.ApiManagement/service/tags/operationLinks/*", - "Microsoft.ApiManagement/service/tags/productLinks/*", - "Microsoft.ApiManagement/service/products/read", - "Microsoft.ApiManagement/service/products/apiLinks/*", - "Microsoft.ApiManagement/service/read", - "Microsoft.ApiManagement/service/authorizationServers/read", - "Microsoft.Authorization/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Can manage the workspace and view, but not modify its members. This role should be assigned on the workspace scope.", - "hasExternal": false, - "hasUnknown": false, - "name": "API Management Workspace Contributor", - "permittedActions": [ - { - "description": "Joins a service workspace. Not Alertable.", - "displayName": "Join an API Management service workspace", - "name": "Microsoft.ApiManagement/service/workspaces/join/action", + "description": "Lists all revisions of an API.", + "displayName": "Get revisions for an API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/revisions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Workspaces defined within a service instance. or Gets the details of the Workspace specified by its identifier.", - "displayName": "Get list of Workspaces or Workspace details", - "name": "Microsoft.ApiManagement/service/workspaces/read", + "description": "Lists all Products, which the API is part of.", + "displayName": "Get products associated with the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/products/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates Workspace. or Updates the details of the Workspace specified by its identifier.", - "displayName": "Add Workspace or Update Workspace", - "name": "Microsoft.ApiManagement/service/workspaces/write", + "description": "Lists all Tags associated with the API. or Get tag associated with the API.", + "displayName": "Get tags associated with the API or Get Tag associated with API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific Workspace of the API Management service instance.", - "displayName": "Remove Workspace", - "name": "Microsoft.ApiManagement/service/workspaces/delete", + "description": "Lists a collection of operations associated with tags.", + "displayName": "Get Operation-Tag associations list", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operationsByTags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Sends notification to a specified user", - "displayName": "Send notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/action", + "description": "Lists a collection of the APIs associated with a product.", + "displayName": "Get product APIs list", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", - "displayName": "Get all named values or Get named value details", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/read", + "description": "Lists the collection of developer groups associated with the specified product.", + "displayName": "Get product groups list", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates named value. or Updates the specific named value.", - "displayName": "Create named value or Update named value", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/write", + "description": "Lists the collection of subscriptions to the specified product.", + "displayName": "Get product subscriptions list", + "name": "Microsoft.ApiManagement/service/workspaces/products/subscriptions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific named value from the API Management service instance.", - "displayName": "Remove named value", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/delete", + "description": "Lists all Tags associated with the Product. or Get tag associated with the Product.", + "displayName": "Get product tags or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the secret of the named value specified by its identifier.", - "displayName": "Get the value", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/listValue/action", + "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", + "displayName": "Get groups list or Get group details", + "name": "Microsoft.ApiManagement/service/workspaces/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Refreshes named value by fetching it from Key Vault.", - "displayName": "Refresh certificate from KeyVault", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/refreshSecret/action", + "description": "Lists a collection of user entities associated with the group.", + "displayName": "Get group users list", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all APIs of the API Management service instance. or Gets the details of the API specified by its identifier.", - "displayName": "Get API list or Get API details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/read", + "description": "Gets all policy fragments. or Gets a policy fragment.", + "displayName": "Get policy fragments or Get policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates new or updates existing specified API of the API Management service instance. or Updates the specified API of the API Management service instance.", - "displayName": "Create API or Update API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/write", + "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", + "displayName": "Get all publisher notifications or Get publisher notification details", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified API of the API Management service instance.", - "displayName": "Remove API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/delete", + "description": "Lists all Documentations of the API Management service instance. or Gets the details of the documentation specified by its identifier.", + "displayName": "Get documentations list or Get documentation details", + "name": "Microsoft.ApiManagement/service/workspaces/documentations/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", - "displayName": "Get API operations or Get API operation details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/read", + "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", + "displayName": "Get certificates list or Get cerificate details", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates a new operation in the API or updates an existing one. or Updates the details of the operation in the API specified by its identifier.", - "displayName": "Create API operation or Update API operation", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/write", + "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", + "displayName": "Get loggers list or Get logger details", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified operation in the API.", - "displayName": "Remove API operation", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/delete", + "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", + "displayName": "Get diagnostics list or Get diagnostic details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", - "displayName": "Get API Operation policies or Get API operation policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/read", + "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", + "displayName": "Get list of backend or Get backend details", + "name": "Microsoft.ApiManagement/service/workspaces/backends/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates policy configuration for the API Operation level.", - "displayName": "Set API operation policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/write", + "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", + "displayName": "Get diagnostics list or Get diagnostic details", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the policy configuration at the Api Operation.", - "displayName": "Remove API Operation policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/delete", + "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", + "displayName": "Get product list or Get product details", + "name": "Microsoft.ApiManagement/service/workspaces/products/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", - "displayName": "Get API policies or Get API policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/read", + "description": "Creates or Updates a product. or Update existing product details.", + "displayName": "Create product or Update product", + "name": "Microsoft.ApiManagement/service/workspaces/products/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates policy configuration for the API.", - "displayName": "Set API policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/write", + "description": "Delete product.", + "displayName": "Remove product", + "name": "Microsoft.ApiManagement/service/workspaces/products/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the policy configuration at the Api.", - "displayName": "Remove API policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/delete", + "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", + "displayName": "Get Product policies or Get Product policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", - "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/read", + "description": "Creates or updates policy configuration for the Product.", + "displayName": "Set Product policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates schema configuration for the API.", - "displayName": "Sets schema used by the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/write", + "description": "Deletes the policy configuration at the Product.", + "displayName": "Remove Product policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the schema configuration at the Api.", - "displayName": "Removes schema for the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/delete", + "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", + "displayName": "Get links or Get product-group details", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the document describing the Schema", - "displayName": "Get the document for the schema", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/read", + "description": "Creates or Updates a product-group link.", + "displayName": "Create product-group link", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Update the document describing the Schema", - "displayName": "Update the document for the schema", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/write", + "description": "Delete product-group link.", + "displayName": "Remove product-group link", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", - "displayName": "Get version set list or Get versionSet details", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/read", + "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", + "displayName": "Get links or Get product-API details", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Api Version Set. or Updates the details of the Api VersionSet specified by its identifier.", - "displayName": "Create VersionSet or Update VersionSet", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/write", + "description": "Creates or Updates a product-API link.", + "displayName": "Create product-API link", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific Api Version Set.", - "displayName": "Remove VersionSet", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/delete", + "description": "Delete product-API link.", + "displayName": "Remove product-API link", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get list of version entities", - "displayName": "Get VersionSet version entity list", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/versions/read", + "description": "Lists a collection of the APIs associated with a product.", + "displayName": "Get product APIs list", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", - "displayName": "Get subscriptions list or Get subscripiton details", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", + "description": "Adds an API to the specified product.", + "displayName": "Add API to product", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates the subscription of specified user to the specified product. or Updates the details of a subscription specified by its identifier.", - "displayName": "Subscribe to product or Update subscription", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/write", + "description": "Deletes the specified API from the specified product.", + "displayName": "Remove API from product", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified subscription.", - "displayName": "Delete subscription", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/delete", + "description": "Lists the collection of developer groups associated with the specified product.", + "displayName": "Get product groups list", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Regenerates primary key of existing subscription of the API Management service instance.", - "displayName": "Regenerate subscription PK", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regeneratePrimaryKey/action", + "description": "Adds the association between the specified developer group with the specified product.", + "displayName": "Associate group with product", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Regenerates secondary key of existing subscription of the API Management service instance.", - "displayName": "Regenerate subscription SK", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regenerateSecondaryKey/action", + "description": "Deletes the association between the specified group and product.", + "displayName": "Delete group with product association", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the specified Subscription keys.", - "displayName": "Get subscripiton keys", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/listSecrets/action", + "description": "Lists the collection of subscriptions to the specified product.", + "displayName": "Get product subscriptions list", + "name": "Microsoft.ApiManagement/service/workspaces/products/subscriptions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", - "displayName": "Get product list or Get product details", - "name": "Microsoft.ApiManagement/service/workspaces/products/read", + "description": "Lists all Tags associated with the Product. or Get tag associated with the Product.", + "displayName": "Get product tags or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a product. or Update existing product details.", - "displayName": "Create product or Update product", - "name": "Microsoft.ApiManagement/service/workspaces/products/write", + "description": "Assign tag to the Product.", + "displayName": "Associate Tag with Product", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete product.", - "displayName": "Remove product", - "name": "Microsoft.ApiManagement/service/workspaces/products/delete", + "description": "Detach the tag from the Product.", + "displayName": "Delete Tag with Product association", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", - "displayName": "Get Product policies or Get Product policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/read", + "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", + "displayName": "Get subscriptions list or Get subscripiton details", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates policy configuration for the Product.", - "displayName": "Set Product policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/write", + "description": "Creates or updates the subscription of specified user to the specified product. or Updates the details of a subscription specified by its identifier.", + "displayName": "Subscribe to product or Update subscription", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the policy configuration at the Product.", - "displayName": "Remove Product policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/delete", + "description": "Deletes the specified subscription.", + "displayName": "Delete subscription", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", - "displayName": "Get Workspace policies or Get Workspace policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/policies/read", + "description": "Regenerates primary key of existing subscription of the API Management service instance.", + "displayName": "Regenerate subscription PK", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regeneratePrimaryKey/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates policy configuration for the Workspace.", - "displayName": "Set Workspace policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/policies/write", + "description": "Regenerates secondary key of existing subscription of the API Management service instance.", + "displayName": "Regenerate subscription SK", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regenerateSecondaryKey/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the policy configuration at the Workspace.", - "displayName": "Remove Workspace policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/policies/delete", + "description": "Gets the specified Subscription keys.", + "displayName": "Get subscripiton keys", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/listSecrets/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", - "displayName": "Get links or Get product-group details", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/read", + "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", + "displayName": "Get groups list or Get group details", + "name": "Microsoft.ApiManagement/service/workspaces/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a product-group link.", - "displayName": "Create product-group link", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/write", + "description": "Creates or Updates a group. or Updates the details of the group specified by its identifier.", + "displayName": "Create group or Update group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete product-group link.", - "displayName": "Remove product-group link", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/delete", + "description": "Deletes specific group of the API Management service instance.", + "displayName": "Remove group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", - "displayName": "Get links or Get product-API details", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/read", + "description": "Lists a collection of user entities associated with the group.", + "displayName": "Get group users list", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a product-API link.", - "displayName": "Create product-API link", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/write", + "description": "Add existing user to existing group", + "displayName": "Add user to group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete product-API link.", - "displayName": "Remove product-API link", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/delete", + "description": "Remove existing user from existing group.", + "displayName": "Remove user from group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1044731,6 +1044448,13 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, + { + "description": "Sends notification to a specified user", + "displayName": "Send notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/action", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, { "description": "Gets the list of the Notification Recipient User subscribed to the notification.", "displayName": "Get recipient users for the Notification", @@ -1044774,401 +1044498,709 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", - "displayName": "Get schemas list or Get schema details", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/read", + "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", + "displayName": "Get all publisher notifications or Get publisher notification details", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates an Schema to be used in Api Management instance.", - "displayName": "Create schema", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/write", + "description": "Create or Update API Management publisher notification.", + "displayName": "Create publisher notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific Schema.", - "displayName": "Remove schema", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", - "displayName": "Get revisions for an API or Get API release details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Removes all releases of the API or Deletes the specified release in the API.", - "displayName": "Removes all releases of the API or Delete API release", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Creates a new Release for the API. or Updates the details of the release of the API specified by its identifier.", - "displayName": "Create API release or Update API release", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", - "displayName": "Get tags associated with the Operation or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Assign tag to the Operation.", - "displayName": "Associate Tag with Operation", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Detach the tag from the Operation.", - "displayName": "Delete Tag with Operation association", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists all revisions of an API.", - "displayName": "Get revisions for an API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/revisions/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists all Products, which the API is part of.", - "displayName": "Get products associated with the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/products/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists all Tags associated with the API. or Get tag associated with the API.", - "displayName": "Get tags associated with the API or Get Tag associated with API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Assign tag to the Api.", - "displayName": "Add Tag", - "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Detach the tag from the Api.", - "displayName": "Remove Tag", - "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists a collection of operations associated with tags.", - "displayName": "Get Operation-Tag associations list", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operationsByTags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists a collection of the APIs associated with a product.", - "displayName": "Get product APIs list", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Adds an API to the specified product.", - "displayName": "Add API to product", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Deletes the specified API from the specified product.", - "displayName": "Remove API from product", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists the collection of developer groups associated with the specified product.", - "displayName": "Get product groups list", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Adds the association between the specified developer group with the specified product.", - "displayName": "Associate group with product", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Deletes the association between the specified group and product.", - "displayName": "Delete group with product association", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/delete", + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ApiManagement/service/workspaces/*/read", + "Microsoft.ApiManagement/service/workspaces/products/*", + "Microsoft.ApiManagement/service/workspaces/subscriptions/*", + "Microsoft.ApiManagement/service/workspaces/groups/*", + "Microsoft.ApiManagement/service/workspaces/tags/*", + "Microsoft.ApiManagement/service/workspaces/notifications/*", + "Microsoft.Authorization/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Has read access to tags and products and write access to allow: assigning APIs to products, assigning tags to products and APIs. This role should be assigned on the service scope.", + "hasExternal": false, + "hasUnknown": false, + "name": "API Management Service Workspace API Developer", + "permittedActions": [ + { + "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", + "displayName": "Get Tags list or Tag details", + "name": "Microsoft.ApiManagement/service/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists the collection of subscriptions to the specified product.", - "displayName": "Get product subscriptions list", - "name": "Microsoft.ApiManagement/service/workspaces/products/subscriptions/read", + "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", + "displayName": "Get links or Get Tag-API details", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all Tags associated with the Product. or Get tag associated with the Product.", - "displayName": "Get product tags or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/read", + "description": "Creates or Updates a Tag-API link.", + "displayName": "Create Tag-API link", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Assign tag to the Product.", - "displayName": "Associate Tag with Product", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/write", + "description": "Delete Tag-API link.", + "displayName": "Remove Tag-API link", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Detach the tag from the Product.", - "displayName": "Delete Tag with Product association", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/delete", + "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", + "displayName": "Get links or Get Tag-operation details", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", - "displayName": "Get groups list or Get group details", - "name": "Microsoft.ApiManagement/service/workspaces/groups/read", + "description": "Creates or Updates a Tag-operation link.", + "displayName": "Create Tag-operation link", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a group. or Updates the details of the group specified by its identifier.", - "displayName": "Create group or Update group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/write", + "description": "Delete Tag-operation link.", + "displayName": "Remove Tag-operation link", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific group of the API Management service instance.", - "displayName": "Remove group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/delete", + "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", + "displayName": "Get links or Get Tag-product details", + "name": "Microsoft.ApiManagement/service/tags/productLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of user entities associated with the group.", - "displayName": "Get group users list", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", + "description": "Creates or Updates a Tag-product link.", + "displayName": "Create Tag-product link", + "name": "Microsoft.ApiManagement/service/tags/productLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Add existing user to existing group", - "displayName": "Add user to group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/write", + "description": "Delete Tag-product link.", + "displayName": "Remove Tag-product link", + "name": "Microsoft.ApiManagement/service/tags/productLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Remove existing user from existing group.", - "displayName": "Remove user from group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/delete", + "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", + "displayName": "Get product list or Get product details", + "name": "Microsoft.ApiManagement/service/products/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets all policy fragments. or Gets a policy fragment.", - "displayName": "Get policy fragments or Get policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/read", + "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", + "displayName": "Get links or Get product-API details", + "name": "Microsoft.ApiManagement/service/products/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates a policy fragment.", - "displayName": "Set policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/write", + "description": "Creates or Updates a product-API link.", + "displayName": "Create product-API link", + "name": "Microsoft.ApiManagement/service/products/apiLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes a policy fragment.", - "displayName": "Delete policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/delete", + "description": "Delete product-API link.", + "displayName": "Remove product-API link", + "name": "Microsoft.ApiManagement/service/products/apiLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists policy resources that reference the policy fragment.", - "displayName": "List policy fragment references", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/listReferences/action", + "description": "Read metadata for an API Management Service instance", + "displayName": "Read metadata for an API Management Service instance", + "name": "Microsoft.ApiManagement/service/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", - "displayName": "Get all publisher notifications or Get publisher notification details", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", + "description": "Lists a collection of authorization servers defined within a service instance. or Gets the details of the authorization server without secrets.", + "displayName": "Get authorization service list or Get authorization server details without secrets", + "name": "Microsoft.ApiManagement/service/authorizationServers/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Create or Update API Management publisher notification.", - "displayName": "Create publisher notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/write", + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ApiManagement/service/tags/read", + "Microsoft.ApiManagement/service/tags/apiLinks/*", + "Microsoft.ApiManagement/service/tags/operationLinks/*", + "Microsoft.ApiManagement/service/tags/productLinks/*", + "Microsoft.ApiManagement/service/products/read", + "Microsoft.ApiManagement/service/products/apiLinks/*", + "Microsoft.ApiManagement/service/read", + "Microsoft.ApiManagement/service/authorizationServers/read", + "Microsoft.Authorization/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", + "hasExternal": false, + "hasUnknown": false, + "name": "API Management Service Workspace API Product Manager", + "permittedActions": [ + { + "description": "Lists a collection of registered users in the specified service instance. or Gets the details of the user specified by its identifier.", + "displayName": "Get users list or Get user details", + "name": "Microsoft.ApiManagement/service/users/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all Documentations of the API Management service instance. or Gets the details of the documentation specified by its identifier.", - "displayName": "Get documentations list or Get documentation details", - "name": "Microsoft.ApiManagement/service/workspaces/documentations/read", + "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", + "displayName": "Get Tags list or Tag details", + "name": "Microsoft.ApiManagement/service/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a documentation. or Updates the specified documentation of the API Management service instance.", - "displayName": "Create documentation or Update documentation", - "name": "Microsoft.ApiManagement/service/workspaces/documentations/write", + "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", + "displayName": "Get links or Get Tag-API details", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete documentation.", - "displayName": "Remove documentation", - "name": "Microsoft.ApiManagement/service/workspaces/documentations/delete", + "description": "Creates or Updates a Tag-API link.", + "displayName": "Create Tag-API link", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", - "displayName": "Get certificates list or Get cerificate details", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/read", + "description": "Delete Tag-API link.", + "displayName": "Remove Tag-API link", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates the certificate being used for authentication with the backend.", - "displayName": "Add certificate", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/write", + "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", + "displayName": "Get links or Get Tag-operation details", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific certificate.", - "displayName": "Remove certificate", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/delete", + "description": "Creates or Updates a Tag-operation link.", + "displayName": "Create Tag-operation link", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Refreshes certificate by fetching it from Key Vault.", - "displayName": "Refresh certificate from KeyVault", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/refreshSecret/action", + "description": "Delete Tag-operation link.", + "displayName": "Remove Tag-operation link", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", - "displayName": "Get loggers list or Get logger details", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/read", + "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", + "displayName": "Get links or Get Tag-product details", + "name": "Microsoft.ApiManagement/service/tags/productLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a logger. or Updates an existing logger.", - "displayName": "Add logger or Update logger", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/write", + "description": "Creates or Updates a Tag-product link.", + "displayName": "Create Tag-product link", + "name": "Microsoft.ApiManagement/service/tags/productLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified logger.", - "displayName": "Remove logger", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/delete", + "description": "Delete Tag-product link.", + "displayName": "Remove Tag-product link", + "name": "Microsoft.ApiManagement/service/tags/productLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", - "displayName": "Get diagnostics list or Get diagnostic details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/read", + "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", + "displayName": "Get product list or Get product details", + "name": "Microsoft.ApiManagement/service/products/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates a new Diagnostic for an API or updates an existing one. or Updates the details of the Diagnostic for an API specified by its identifier.", - "displayName": "Add diagnostic or Update diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/write", + "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", + "displayName": "Get links or Get product-API details", + "name": "Microsoft.ApiManagement/service/products/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified Diagnostic from an API.", - "displayName": "Remove diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/delete", + "description": "Creates or Updates a product-API link.", + "displayName": "Create product-API link", + "name": "Microsoft.ApiManagement/service/products/apiLinks/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", - "displayName": "Get list of backend or Get backend details", - "name": "Microsoft.ApiManagement/service/workspaces/backends/read", + "description": "Delete product-API link.", + "displayName": "Remove product-API link", + "name": "Microsoft.ApiManagement/service/products/apiLinks/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Api Version Set. or Updates the details of the backend specified by its identifier.", - "displayName": "Add Backend or Update backend", - "name": "Microsoft.ApiManagement/service/workspaces/backends/write", + "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", + "displayName": "Get groups list or Get group details", + "name": "Microsoft.ApiManagement/service/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific Api Version Set.", - "displayName": "Remove backend", - "name": "Microsoft.ApiManagement/service/workspaces/backends/delete", + "description": "Lists a collection of user entities associated with the group.", + "displayName": "Get group users list", + "name": "Microsoft.ApiManagement/service/groups/users/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Notifies the APIM proxy to create a new connection to the backend after the specified timeout. If no timeout was specified, timeout of 2 minutes is used.", - "displayName": "Create Request", - "name": "Microsoft.ApiManagement/service/workspaces/backends/reconnect/action", + "description": "Add existing user to existing group", + "displayName": "Add user to group", + "name": "Microsoft.ApiManagement/service/groups/users/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", - "displayName": "Get diagnostics list or Get diagnostic details", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/read", + "description": "Remove existing user from existing group.", + "displayName": "Remove user from group", + "name": "Microsoft.ApiManagement/service/groups/users/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates a new Diagnostic for a workspace or updates an existing one. or Updates the details of the Diagnostic for a workspace specified by its identifier.", - "displayName": "Add diagnostic or Update diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/write", + "description": "Read metadata for an API Management Service instance", + "displayName": "Read metadata for an API Management Service instance", + "name": "Microsoft.ApiManagement/service/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified Diagnostic from a workspace.", - "displayName": "Remove diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/delete", + "description": "Lists a collection of authorization servers defined within a service instance. or Gets the details of the authorization server without secrets.", + "displayName": "Get authorization service list or Get authorization server details without secrets", + "name": "Microsoft.ApiManagement/service/authorizationServers/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1045366,7 +1045398,17 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ApiManagement/service/workspaces/*", + "Microsoft.ApiManagement/service/users/read", + "Microsoft.ApiManagement/service/tags/read", + "Microsoft.ApiManagement/service/tags/apiLinks/*", + "Microsoft.ApiManagement/service/tags/operationLinks/*", + "Microsoft.ApiManagement/service/tags/productLinks/*", + "Microsoft.ApiManagement/service/products/read", + "Microsoft.ApiManagement/service/products/apiLinks/*", + "Microsoft.ApiManagement/service/groups/read", + "Microsoft.ApiManagement/service/groups/users/*", + "Microsoft.ApiManagement/service/read", + "Microsoft.ApiManagement/service/authorizationServers/read", "Microsoft.Authorization/*/read" ], "condition": null, @@ -1045377,42 +1045419,6 @@ } ] }, - { - "description": "Customer has read access on Azure Storage file shares.", - "hasExternal": false, - "hasUnknown": false, - "name": "Storage File Data Privileged Reader", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Returns a file/folder or a list of files/folders", - "displayName": "Read Files", - "name": "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Read File Backup Semantics Privilege", - "displayName": "Read File Backup Semantics Privilege", - "name": "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read", - "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Customer has read, write, delete and modify NTFS permission access on Azure Storage file shares.", "hasExternal": false, @@ -1045481,6 +1045487,42 @@ } ] }, + { + "description": "Customer has read access on Azure Storage file shares.", + "hasExternal": false, + "hasUnknown": false, + "name": "Storage File Data Privileged Reader", + "permittedActions": [], + "permittedDataActions": [ + { + "description": "Returns a file/folder or a list of files/folders", + "displayName": "Read Files", + "name": "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Read File Backup Semantics Privilege", + "displayName": "Read File Backup Semantics Privilege", + "name": "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + } + ], + "rawPermissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.Storage/storageAccounts/fileServices/fileshares/files/read", + "Microsoft.Storage/storageAccounts/fileServices/readFileBackupSemantics/action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "This role is used by Windows 365 to read virtual networks and join the designated virtual networks.", "hasExternal": false, @@ -1146232,10 +1146274,10 @@ ] }, { - "description": "Allows user to read Azure Sphere resources.", + "description": "Allows user to read and download Azure Sphere resources and upload images.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Sphere Reader", + "name": "Azure Sphere Publisher", "permittedActions": [ { "description": "read operations", @@ -1146335,13 +1146377,6 @@ "providerDisplayName": "Microsoft.AzureSphere", "providerName": "Microsoft.AzureSphere" }, - { - "description": "Lists deployments for catalog.", - "displayName": "Catalogs_ListDeployments", - "name": "Microsoft.AzureSphere/catalogs/listDeployments/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, { "description": "Counts devices in product. '.default' and '.unassigned' are system defined values and cannot be used for product name.", "displayName": "Products_CountDevices", @@ -1146356,6 +1146391,13 @@ "providerDisplayName": "Microsoft.AzureSphere", "providerName": "Microsoft.AzureSphere" }, + { + "description": "Gets the proof of possession nonce.", + "displayName": "Certificates_RetrieveProofOfPossessionNonce", + "name": "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, { "description": "Retrieves cert chain.", "displayName": "Certificates_RetrieveCertChain", @@ -1146363,6 +1146405,20 @@ "providerDisplayName": "Microsoft.AzureSphere", "providerName": "Microsoft.AzureSphere" }, + { + "description": "Create a Image", + "displayName": "Images_CreateOrUpdate", + "name": "Microsoft.AzureSphere/catalogs/images/write", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Creates an image. Use this action when the image ID is unknown.", + "displayName": "Catalogs_UploadImage", + "name": "Microsoft.AzureSphere/catalogs/uploadImage/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1146576,10 +1146632,12 @@ "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", "Microsoft.AzureSphere/catalogs/listDevices/action", - "Microsoft.AzureSphere/catalogs/listDeployments/action", "Microsoft.AzureSphere/catalogs/products/countDevices/action", "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", + "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", + "Microsoft.AzureSphere/catalogs/images/write", + "Microsoft.AzureSphere/catalogs/uploadImage/action", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Insights/DiagnosticSettings/Read" @@ -1146593,10 +1146651,10 @@ ] }, { - "description": "Allows user to read and download Azure Sphere resources and upload images.", + "description": "Allows user to read Azure Sphere resources.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Sphere Publisher", + "name": "Azure Sphere Reader", "permittedActions": [ { "description": "read operations", @@ -1146696,6 +1146754,13 @@ "providerDisplayName": "Microsoft.AzureSphere", "providerName": "Microsoft.AzureSphere" }, + { + "description": "Lists deployments for catalog.", + "displayName": "Catalogs_ListDeployments", + "name": "Microsoft.AzureSphere/catalogs/listDeployments/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, { "description": "Counts devices in product. '.default' and '.unassigned' are system defined values and cannot be used for product name.", "displayName": "Products_CountDevices", @@ -1146710,13 +1146775,6 @@ "providerDisplayName": "Microsoft.AzureSphere", "providerName": "Microsoft.AzureSphere" }, - { - "description": "Gets the proof of possession nonce.", - "displayName": "Certificates_RetrieveProofOfPossessionNonce", - "name": "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, { "description": "Retrieves cert chain.", "displayName": "Certificates_RetrieveCertChain", @@ -1146724,20 +1146782,6 @@ "providerDisplayName": "Microsoft.AzureSphere", "providerName": "Microsoft.AzureSphere" }, - { - "description": "Create a Image", - "displayName": "Images_CreateOrUpdate", - "name": "Microsoft.AzureSphere/catalogs/images/write", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Creates an image. Use this action when the image ID is unknown.", - "displayName": "Catalogs_UploadImage", - "name": "Microsoft.AzureSphere/catalogs/uploadImage/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1146951,12 +1146995,10 @@ "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", "Microsoft.AzureSphere/catalogs/listDevices/action", + "Microsoft.AzureSphere/catalogs/listDeployments/action", "Microsoft.AzureSphere/catalogs/products/countDevices/action", "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", - "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", - "Microsoft.AzureSphere/catalogs/images/write", - "Microsoft.AzureSphere/catalogs/uploadImage/action", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Insights/DiagnosticSettings/Read" @@ -1147234,7 +1147276,7 @@ "description": "This role has been deprecated", "hasExternal": false, "hasUnknown": true, - "name": "Cognitive Search Serverless Data Contributor (Deprecated)", + "name": "Cognitive Search Serverless Data Reader (Deprecated)", "permittedActions": [], "permittedDataActions": [], "rawPermissions": [ @@ -1147243,8 +1147285,8 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/*", - "Microsoft.CognitiveSearch/indexes/documents/*" + "Microsoft.CognitiveSearch/indexes/schema/read", + "Microsoft.CognitiveSearch/indexes/documents/read" ], "notActions": [], "notDataActions": [] @@ -1147255,7 +1147297,7 @@ "description": "This role has been deprecated", "hasExternal": false, "hasUnknown": true, - "name": "Cognitive Search Serverless Data Reader (Deprecated)", + "name": "Cognitive Search Serverless Data Contributor (Deprecated)", "permittedActions": [], "permittedDataActions": [], "rawPermissions": [ @@ -1147264,8 +1147306,8 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/read", - "Microsoft.CognitiveSearch/indexes/documents/read" + "Microsoft.CognitiveSearch/indexes/schema/*", + "Microsoft.CognitiveSearch/indexes/documents/*" ], "notActions": [], "notDataActions": [] @@ -1150117,10 +1150159,10 @@ ] }, { - "description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.", + "description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.", "hasExternal": false, "hasUnknown": false, - "name": "Logic Apps Standard Developer (Preview)", + "name": "Logic Apps Standard Contributor (Preview)", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1152502,6 +1152544,83 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Get the list of certificates.", + "displayName": "Get Certificates", + "name": "Microsoft.Web/certificates/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Add a new certificate or update an existing one.", + "displayName": "Add or Update Certificate", + "name": "Microsoft.Web/certificates/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete an existing certificate.", + "displayName": "Delete Certificate", + "name": "Microsoft.Web/certificates/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Certificates Operation Results.", + "displayName": "Get Certificates Operation Results", + "name": "microsoft.web/certificates/operationresults/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of Connection Gateways.", + "displayName": "Get Connection Gateways", + "name": "Microsoft.Web/connectionGateways/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates a Connection Gateway.", + "displayName": "Add or Update Connection Gateways", + "name": "Microsoft.Web/connectionGateways/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Deletes a Connection Gateway.", + "displayName": "Delete Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Moves a Connection Gateway.", + "displayName": "Move Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Move/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins a Connection Gateway.", + "displayName": "Join Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Associates with a Connection Gateway.", + "displayName": "Associate with Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Associate/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists status of a Connection Gateway.", + "displayName": "List Connection Gateway Status", + "name": "Microsoft.Web/connectionGateways/ListStatus/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get the list of Connections.", "displayName": "Get Connections", @@ -1152628,597 +1152747,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Security Sensitive Settings", - "name": "Microsoft.Web/sites/config/list/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Update Web App's configuration settings", - "displayName": "Update Web App Configuration", - "name": "Microsoft.Web/sites/config/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps App Setting", - "displayName": "Delete Web Apps App Setting", - "name": "microsoft.web/sites/config/web/appsettings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create or Update Web App Single App setting", - "displayName": "Create or Update Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create the artifacts in a Logic App.", - "displayName": "Create the artifacts in a Logic App", - "name": "microsoft.web/sites/deployWorkflowArtifacts/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Function App's master key for admin operations", - "displayName": "Get Function App master key", - "name": "Microsoft.Web/sites/hostruntime/host/_master/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", - "displayName": "Perform Function App runtime action", - "name": "Microsoft.Web/sites/hostruntime/host/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Functions Keys.", - "displayName": "Get Web Apps Hostruntime Functions Keys", - "name": "microsoft.web/sites/hostruntime/functions/keys/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Host.", - "displayName": "Get Web Apps Hostruntime Host", - "name": "microsoft.web/sites/hostruntime/host/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", - "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Run Web Apps Hostruntime Workflow Trigger.", - "displayName": "Run Web Apps Hostruntime Workflow Trigger", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List logic app's connections by its ID in a Logic App.", - "displayName": "List logic app's connections by its ID in a Logic App", - "name": "microsoft.web/sites/listworkflowsconnections/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Publish a Web App", - "displayName": "Publish Web App", - "name": "Microsoft.Web/sites/publish/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create or Update Web App Slot's Single App setting", - "displayName": "Create or Update Web App Slot's Single App setting", - "name": "microsoft.web/sites/slots/config/appsettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Slot Security Sensitive Settings", - "name": "Microsoft.Web/sites/slots/config/list/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web App Slot's App Setting", - "displayName": "Delete Web App Slot's App Setting", - "name": "microsoft.web/sites/slots/config/web/appsettings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create the artifacts in a deployment slot in a Logic App.", - "displayName": "Create the artifacts in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", - "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/listworkflowsconnections/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Publish a Web App Slot", - "displayName": "Publish Web App Slot", - "name": "Microsoft.Web/sites/slots/publish/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List the workflows in a Logic App.", - "displayName": "List the workflows in a Logic App", - "name": "microsoft.web/sites/workflows/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get logic app's configuration information by its ID in a Logic App.", - "displayName": "Get logic app's configuration information by its ID in a Logic App", - "name": "microsoft.web/sites/workflowsconfiguration/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Support/*", - "Microsoft.Web/*/read", - "Microsoft.Web/connections/*", - "Microsoft.Web/customApis/*", - "Microsoft.Web/sites/config/list/Action", - "microsoft.web/sites/config/Write", - "microsoft.web/sites/config/web/appsettings/delete", - "microsoft.web/sites/config/web/appsettings/write", - "microsoft.web/sites/deployWorkflowArtifacts/action", - "microsoft.web/sites/hostruntime/*", - "microsoft.web/sites/listworkflowsconnections/action", - "Microsoft.Web/sites/publish/Action", - "microsoft.web/sites/slots/config/appsettings/write", - "Microsoft.Web/sites/slots/config/list/Action", - "microsoft.web/sites/slots/config/web/appsettings/delete", - "microsoft.web/sites/slots/deployWorkflowArtifacts/action", - "microsoft.web/sites/slots/listworkflowsconnections/action", - "Microsoft.Web/sites/slots/publish/Action", - "microsoft.web/sites/workflows/*", - "microsoft.web/sites/workflowsconfiguration/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.", - "hasExternal": false, - "hasUnknown": false, - "name": "Logic Apps Standard Contributor (Preview)", - "permittedActions": [ - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Registers Support Resource Provider", - "displayName": "Registers Support Resource Provider", - "name": "Microsoft.Support/register/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Looks up resource Id for resource type", - "displayName": "Look Up Resource Id", - "name": "Microsoft.Support/lookUpResourceId/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Checks that name is valid and not in use for resource type", - "displayName": "Check Name Availability", - "name": "Microsoft.Support/checkNameAvailability/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all support tickets", - "displayName": "Reads Support Ticket", - "name": "Microsoft.Support/supportTickets/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Allows creating and updating a support ticket", - "displayName": "Writes Support Ticket", - "name": "Microsoft.Support/supportTickets/write", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all Azure services available for support", - "displayName": "Reads Services", - "name": "Microsoft.Support/services/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all problem classifications for an Azure service", - "displayName": "Reads Problem Classifications", - "name": "Microsoft.Support/services/problemClassifications/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Gets the result of the asynchronous operation", - "displayName": "Get Operation Result", - "name": "Microsoft.Support/operationresults/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Gets the status of the asynchronous operation", - "displayName": "Get Operation Status", - "name": "Microsoft.Support/operationsstatus/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists all operations available on Microsoft.Support resource provider", - "displayName": "Lists operations", - "name": "Microsoft.Support/operations/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Get the properties of a Web App", - "displayName": "Get Web App", - "name": "Microsoft.Web/sites/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the properties of a Web App deployment slot", - "displayName": "Get Web App Deployment Slot", - "name": "Microsoft.Web/sites/slots/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App Slot's configuration settings", - "displayName": "Get Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/config/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App configuration settings", - "displayName": "Get Web App Configuration", - "name": "Microsoft.Web/sites/config/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App's source control configuration settings", - "displayName": "Get Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App Slot's source control configuration settings", - "displayName": "Get Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the properties of a web app's backup", - "displayName": "Get Web App Backup", - "name": "Microsoft.Web/sites/backups/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the properties of a web app slots' backup", - "displayName": "List Web App Slot Backups", - "name": "Microsoft.Web/sites/slots/backups/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get the properties on an App Service Plan", "displayName": "Get App Service Plan", @@ -1153227,289 +1152755,58 @@ "providerName": "microsoft.web" }, { - "description": "Get the list of certificates.", - "displayName": "Get Certificates", - "name": "Microsoft.Web/certificates/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Geo regions.", - "displayName": "Get Geo Regions", - "name": "Microsoft.Web/geoRegions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get names of sites assigned to hostname.", - "displayName": "Get sites assigned to hostname", - "name": "Microsoft.Web/listSitesAssignedToHostName/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the properties of an App Service Environment", - "displayName": "Get App Service Environment", - "name": "Microsoft.Web/hostingEnvironments/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the properties of a FrontEnd Pool in an App Service Environment", - "displayName": "Get FrontEnd Pool", - "name": "Microsoft.Web/hostingEnvironments/multiRolePools/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the properties of a Worker Pool in an App Service Environment", - "displayName": "Get Worker Pool", - "name": "Microsoft.Web/hostingEnvironments/workerPools/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Connections.", - "displayName": "Get Connections", - "name": "Microsoft.Web/connections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Custom API.", - "displayName": "Get Custom API", - "name": "Microsoft.Web/customApis/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Connection Gateways.", - "displayName": "Get Connection Gateways", - "name": "Microsoft.Web/connectionGateways/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of recommendations for subscriptions.", - "displayName": "Get recommendations", - "name": "Microsoft.Web/recommendations/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of recommendations for web app.", - "displayName": "Get recommendations for web app", - "name": "Microsoft.Web/sites/recommendations/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Available Stacks.", - "displayName": "Get Available Stacks", - "name": "microsoft.web/availablestacks/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Check if resource name is available.", - "displayName": "Get Check Name Availability", - "name": "microsoft.web/checknameavailability/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Classic Mobile Services.", - "displayName": "Get Classic Mobile Services", - "name": "microsoft.web/classicmobileservices/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Deployment Locations.", - "displayName": "Get Deployment Locations", - "name": "microsoft.web/deploymentlocations/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Capacities.", - "displayName": "Get Hosting Environments Capacities", - "name": "microsoft.web/hostingenvironments/capacities/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Diagnostics.", - "displayName": "Get Hosting Environments Diagnostics", - "name": "microsoft.web/hostingenvironments/diagnostics/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Metric Definitions.", - "displayName": "Get Hosting Environments Metric Definitions", - "name": "microsoft.web/hostingenvironments/metricdefinitions/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments MultiRole Pools Metric Definitions.", - "displayName": "Get Hosting Environments MultiRole Pools Metric Definitions", - "name": "microsoft.web/hostingenvironments/multirolepools/metricdefinitions/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments MultiRole Pools Metrics.", - "displayName": "Get Hosting Environments MultiRole Pools Metrics", - "name": "microsoft.web/hostingenvironments/multirolepools/metrics/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments MultiRole Pools SKUs.", - "displayName": "Get Hosting Environments MultiRole Pools SKUs", - "name": "microsoft.web/hostingenvironments/multirolepools/skus/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments MultiRole Pools Usages.", - "displayName": "Get Hosting Environments MultiRole Pools Usages", - "name": "microsoft.web/hostingenvironments/multirolepools/usages/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Operations.", - "displayName": "Get Hosting Environments Operations", - "name": "microsoft.web/hostingenvironments/operations/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments App Service Plans.", - "displayName": "Get Hosting Environments App Service Plans", - "name": "microsoft.web/hostingenvironments/serverfarms/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Web Apps.", - "displayName": "Get Hosting Environments Web Apps", - "name": "microsoft.web/hostingenvironments/sites/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Usages.", - "displayName": "Get Hosting Environments Usages", - "name": "microsoft.web/hostingenvironments/usages/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Workerpools Metric Definitions.", - "displayName": "Get Hosting Environments Workerpools Metric Definitions", - "name": "microsoft.web/hostingenvironments/workerpools/metricdefinitions/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Workerpools Metrics.", - "displayName": "Get Hosting Environments Workerpools Metrics", - "name": "microsoft.web/hostingenvironments/workerpools/metrics/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Workerpools SKUs.", - "displayName": "Get Hosting Environments Workerpools SKUs", - "name": "microsoft.web/hostingenvironments/workerpools/skus/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environments Workerpools Usages.", - "displayName": "Get Hosting Environments Workerpools Usages", - "name": "microsoft.web/hostingenvironments/workerpools/usages/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get if Hosting Environment Name is available.", - "displayName": "Check if Hosting Environment Name is available", - "name": "microsoft.web/ishostingenvironmentnameavailable/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Check if Hostname is Available.", - "displayName": "Check if Hostname is Available", - "name": "microsoft.web/ishostnameavailable/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Check if Username is available.", - "displayName": "Check if Username is available", - "name": "microsoft.web/isusernameavailable/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Locations API Operations.", - "displayName": "Get Locations API Operations", - "name": "microsoft.web/locations/apioperations/read", + "description": "Create a new App Service Plan or update an existing one", + "displayName": "Create or Update App Service Plan", + "name": "Microsoft.Web/serverfarms/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations Connection Gateway Installations.", - "displayName": "Get Locations Connection Gateway Installations", - "name": "microsoft.web/locations/connectiongatewayinstallations/read", + "description": "Delete an existing App Service Plan", + "displayName": "Delete App Service Plan", + "name": "Microsoft.Web/serverfarms/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations Managed APIs.", - "displayName": "Get Locations Managed APIs", - "name": "microsoft.web/locations/managedapis/read", + "description": "Joins an App Service Plan", + "displayName": "Join App Service Plan", + "name": "Microsoft.Web/serverfarms/Join/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations Managed API Operations.", - "displayName": "Get Locations Managed API Operations", - "name": "microsoft.web/locations/managedapis/apioperations/read", + "description": "Restart all Web Apps in an App Service Plan", + "displayName": "Restart Web Apps", + "name": "Microsoft.Web/serverfarms/restartSites/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Operations.", - "displayName": "Get Operations", - "name": "microsoft.web/operations/read", + "description": "Get App Service Plans Capabilities.", + "displayName": "Get App Service Plans Capabilities", + "name": "microsoft.web/serverfarms/capabilities/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Publishing Users.", - "displayName": "Get Publishing Users", - "name": "microsoft.web/publishingusers/read", + "description": "Delete App Service Plans First Party Apps Settings.", + "displayName": "Delete App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Capabilities.", - "displayName": "Get App Service Plans Capabilities", - "name": "microsoft.web/serverfarms/capabilities/read", + "description": "Get App Service Plans First Party Apps Settings.", + "displayName": "Get App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans First Party Apps Settings.", - "displayName": "Get App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", + "description": "Update App Service Plans First Party Apps Settings.", + "displayName": "Update App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1153576,6 +1152873,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update App Service Plans Virtual Network Connections Gateways.", + "displayName": "Update App Service Plans Virtual Network Connections Gateways", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/gateways/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get App Service Plans Virtual Network Connections.", "displayName": "Get App Service Plans Virtual Network Connections", @@ -1153583,6 +1152887,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete App Service Plans Virtual Network Connections Routes.", + "displayName": "Delete App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get App Service Plans Virtual Network Connections Routes.", "displayName": "Get App Service Plans Virtual Network Connections Routes", @@ -1153590,6 +1152901,720 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update App Service Plans Virtual Network Connections Routes.", + "displayName": "Update App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Reboot App Service Plans Workers.", + "displayName": "Reboot App Service Plans Workers", + "name": "microsoft.web/serverfarms/workers/reboot/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete App Service Plans Hybrid Connection Namespaces Relays.", + "displayName": "Delete App Service Plans Hybrid Connection Namespaces Relays", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Gets the diagnostic setting for the resource", + "displayName": "Read diagnostic setting", + "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates the diagnostic setting for the resource", + "displayName": "Write diagnostic setting", + "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Gets the available metrics for App Service Plan", + "displayName": "Read App Service Plan metric definitions", + "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Event Grid Filter on server farm.", + "displayName": "Delete Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Event Grid Filter on server farm.", + "displayName": "Get Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Put Event Grid Filter on server farm.", + "displayName": "Put Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of recommendations for App Service Plan.", + "displayName": "Get recommendations for App Service Plan", + "name": "Microsoft.Web/serverfarms/recommendations/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get first party Azure Key vault referenced settings for App Service Plan.", + "displayName": "Get App Service Plan Key Vault first party settings", + "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create or Update first party Azure Key vault referenced settings for App Service Plan.", + "displayName": "Create or Update App Service Plan Key Vault first party settings", + "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the properties of a Web App", + "displayName": "Get Web App", + "name": "Microsoft.Web/sites/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create a new Web App or update an existing one", + "displayName": "Create or Update Web App", + "name": "Microsoft.Web/sites/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete an existing Web App", + "displayName": "Delete Web App", + "name": "Microsoft.Web/sites/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create a new web app backup", + "displayName": "Create Web App Backup", + "name": "Microsoft.Web/sites/backup/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get publishing profile xml for a Web App", + "displayName": "Get Web App Publishing Profile", + "name": "Microsoft.Web/sites/publishxml/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Publish a Web App", + "displayName": "Publish Web App", + "name": "Microsoft.Web/sites/publish/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart a Web App", + "displayName": "Restart Web App", + "name": "Microsoft.Web/sites/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start a Web App", + "displayName": "Start Web App", + "name": "Microsoft.Web/sites/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start Dev Session for a Web App", + "displayName": "Start Dev Session for a Web App", + "name": "Microsoft.Web/sites/startDevSession/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop a Web App", + "displayName": "Stop Web App", + "name": "Microsoft.Web/sites/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get differences in configuration between web app and slots", + "displayName": "Get Web App Slots Differences", + "name": "Microsoft.Web/sites/slotsdiffs/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Apply web app slot configuration from target slot to the current web app", + "displayName": "Apply Web App Configuration", + "name": "Microsoft.Web/sites/applySlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Reset web app configuration", + "displayName": "Reset Web App Configuration", + "name": "Microsoft.Web/sites/resetSlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Approve Private Endpoint Connections", + "displayName": "Approve Private Endpoint Connections", + "name": "Microsoft.Web/sites/PrivateEndpointConnectionsApproval/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create the artifacts in a Logic App.", + "displayName": "Create the artifacts in a Logic App", + "name": "microsoft.web/sites/deployWorkflowArtifacts/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List logic app's connections by its ID in a Logic App.", + "displayName": "List logic app's connections by its ID in a Logic App", + "name": "microsoft.web/sites/listworkflowsconnections/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Functions Web Apps.", + "displayName": "Functions Web Apps", + "name": "microsoft.web/sites/functions/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Sync Function Trigger Status.", + "displayName": "List Web Apps Sync Function Trigger Status", + "name": "microsoft.web/sites/listsyncfunctiontriggerstatus/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Network Trace Web Apps.", + "displayName": "Network Trace Web Apps", + "name": "microsoft.web/sites/networktrace/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Newpassword Web Apps.", + "displayName": "Newpassword Web Apps", + "name": "microsoft.web/sites/newpassword/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Sync Web Apps.", + "displayName": "Sync Web Apps", + "name": "microsoft.web/sites/sync/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Migrate MySql Web Apps.", + "displayName": "Migrate MySql Web Apps", + "name": "microsoft.web/sites/migratemysql/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Recover Web Apps.", + "displayName": "Recover Web Apps", + "name": "microsoft.web/sites/recover/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web Apps Snapshots.", + "displayName": "Restore Web Apps Snapshots", + "name": "microsoft.web/sites/restoresnapshot/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web Apps From Deleted App.", + "displayName": "Restore Web Apps From Deleted App", + "name": "microsoft.web/sites/restorefromdeletedapp/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Sync Function Triggers.", + "displayName": "Sync Web Apps Function Triggers", + "name": "microsoft.web/sites/syncfunctiontriggers/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Discovers an existing app backup that can be restored from a blob in Azure storage.", + "displayName": "Discovers an existing app backup", + "name": "microsoft.web/sites/backups/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Zipped Container Logs for Web App.", + "displayName": "Get Zipped Container Logs for Web App", + "name": "microsoft.web/sites/containerlogs/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web App From Backup Blob.", + "displayName": "Restore Web App From Backup Blob", + "name": "microsoft.web/sites/restorefrombackupblob/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web App backups.", + "displayName": "List Web App backups", + "name": "microsoft.web/sites/listbackups/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Copy content from deployment slot.", + "displayName": "Copy content from deployment slot", + "name": "microsoft.web/sites/slotcopy/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Reconcile Web App Network Security Perimeter Configurations.", + "displayName": "Reconcile Web App Network Security Perimeter Configurations", + "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Determines if a user is allowed to associate an Azure Web App with a Network Security Perimeter.", + "displayName": "Join Network Security Perimeter", + "name": "Microsoft.Web/Sites/joinPerimeter/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create a new Web App Slot or update an existing one", + "displayName": "Create or Update Web App Slot", + "name": "Microsoft.Web/sites/slots/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete an existing Web App Slot", + "displayName": "Delete Web App Slot", + "name": "Microsoft.Web/sites/slots/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create new Web App Slot backup.", + "displayName": "Create Web App Slot Backup", + "name": "Microsoft.Web/sites/slots/backup/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get publishing profile xml for Web App Slot", + "displayName": "Get Web App Slot Publishing Profile", + "name": "Microsoft.Web/sites/slots/publishxml/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Publish a Web App Slot", + "displayName": "Publish Web App Slot", + "name": "Microsoft.Web/sites/slots/publish/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart a Web App Slot", + "displayName": "Restart Web App Slot", + "name": "Microsoft.Web/sites/slots/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start a Web App Slot", + "displayName": "Start Web App Slot", + "name": "Microsoft.Web/sites/slots/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start Dev Session for Web App Slot", + "displayName": "Start Dev Session for Web App Slot", + "name": "Microsoft.Web/sites/slots/startDevSession/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop a Web App Slot", + "displayName": "Stop Web App Slot", + "name": "Microsoft.Web/sites/slots/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slots/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get differences in configuration between web app and slots", + "displayName": "Get Web App Slots Differences", + "name": "Microsoft.Web/sites/slots/slotsdiffs/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Apply web app slot configuration from target slot to the current slot.", + "displayName": "Apply Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/applySlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Reset web app slot configuration", + "displayName": "Reset Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/resetSlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the properties of a Web App deployment slot", + "displayName": "Get Web App Deployment Slot", + "name": "Microsoft.Web/sites/slots/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create the artifacts in a deployment slot in a Logic App.", + "displayName": "Create the artifacts in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", + "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/listworkflowsconnections/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Sync Function Trigger Status for deployment slot.", + "displayName": "List Web Apps Sync Function Trigger Status for deployment slot", + "name": "microsoft.web/sites/slots/listsyncfunctiontriggerstatus/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Newpassword Web Apps Slots.", + "displayName": "Newpassword Web Apps Slots", + "name": "microsoft.web/sites/slots/newpassword/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Sync Web Apps Slots.", + "displayName": "Sync Web Apps Slots", + "name": "microsoft.web/sites/slots/sync/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Sync Function Triggers for deployment slot.", + "displayName": "Sync Web Apps Function Triggers for deployment slot", + "name": "microsoft.web/sites/slots/syncfunctiontriggers/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Network Trace Web Apps Slots.", + "displayName": "Network Trace Web Apps Slots", + "name": "microsoft.web/sites/slots/networktrace/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Recover Web Apps Slots.", + "displayName": "Recover Web Apps Slots", + "name": "microsoft.web/sites/slots/recover/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web Apps Slots Snapshots.", + "displayName": "Restore Web Apps Slots Snapshots", + "name": "microsoft.web/sites/slots/restoresnapshot/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web App Slots From Deleted App.", + "displayName": "Restore Web App Slots From Deleted App", + "name": "microsoft.web/sites/slots/restorefromdeletedapp/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Discover Web Apps Slots Backups.", + "displayName": "Discover Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Zipped Container Logs for Web App Slot.", + "displayName": "Get Zipped Container Logs for Web App Slot", + "name": "microsoft.web/sites/slots/containerlogs/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web Apps Slot From Backup Blob.", + "displayName": "Restore Web Apps Slot From Backup Blob", + "name": "microsoft.web/sites/slots/restorefrombackupblob/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web App Slot backups.", + "displayName": "List Web App Slot backups", + "name": "microsoft.web/sites/slots/listbackups/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Copy content from one deployment slot to another.", + "displayName": "Copy content from one deployment slot to another", + "name": "microsoft.web/sites/slots/slotcopy/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App Slot's configuration settings", + "displayName": "Get Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/config/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Slot Security Sensitive Settings", + "name": "Microsoft.Web/sites/slots/config/list/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web App Slot's configuration settings", + "displayName": "Update Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/config/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Config.", + "displayName": "Delete Web Apps Slots Config", + "name": "microsoft.web/sites/slots/config/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Validate upgrade path for Web App.", + "displayName": "Validate upgrade path for Web App", + "name": "microsoft.web/sites/slots/config/validateupgradepath/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App configuration settings", + "displayName": "Get Web App Configuration", + "name": "Microsoft.Web/sites/config/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Security Sensitive Settings", + "name": "Microsoft.Web/sites/config/list/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web App's configuration settings", + "displayName": "Update Web App Configuration", + "name": "Microsoft.Web/sites/config/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Config.", + "displayName": "Delete Web Apps Config", + "name": "microsoft.web/sites/config/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App's source control configuration settings", + "displayName": "Get Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web App's source control configuration settings", + "displayName": "Update Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web App's source control configuration settings", + "displayName": "Delete Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App Slot's source control configuration settings", + "displayName": "Get Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web App Slot's source control configuration settings", + "displayName": "Update Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web App Slot's source control configuration settings", + "displayName": "Delete Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the properties of a web app's backup", + "displayName": "Get Web App Backup", + "name": "Microsoft.Web/sites/backups/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Backups.", + "displayName": "List Web Apps Backups", + "name": "microsoft.web/sites/backups/list/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web Apps Backups.", + "displayName": "Restore Web Apps Backups", + "name": "microsoft.web/sites/backups/restore/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Backups.", + "displayName": "Delete Web Apps Backups", + "name": "microsoft.web/sites/backups/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web Apps Backups.", + "displayName": "Update Web Apps Backups", + "name": "microsoft.web/sites/backups/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the properties of a web app slots' backup", + "displayName": "List Web App Slot Backups", + "name": "Microsoft.Web/sites/slots/backups/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Slots Backups.", + "displayName": "List Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/list/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restore Web Apps Slots Backups.", + "displayName": "Restore Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/restore/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Backups.", + "displayName": "Delete Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of recommendations for web app.", + "displayName": "Get recommendations for web app", + "name": "Microsoft.Web/sites/recommendations/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Disable Web Apps Recommendations.", + "displayName": "Disable Web Apps Recommendations", + "name": "microsoft.web/sites/recommendations/disable/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Analyze Custom Hostname.", "displayName": "Analyze Custom Hostname", @@ -1153604,6 +1153629,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Backup.", + "displayName": "Update Web Apps Backup", + "name": "microsoft.web/sites/backup/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Continuous Web Jobs.", + "displayName": "Delete Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Continuous Web Jobs.", "displayName": "Get Web Apps Continuous Web Jobs", @@ -1153611,6 +1153650,27 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Start Web Apps Continuous Web Jobs.", + "displayName": "Start Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/start/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop Web Apps Continuous Web Jobs.", + "displayName": "Stop Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/stop/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Deployments.", + "displayName": "Delete Web Apps Deployments", + "name": "microsoft.web/sites/deployments/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Deployments.", "displayName": "Get Web Apps Deployments", @@ -1153618,6 +1153678,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Deployments.", + "displayName": "Update Web Apps Deployments", + "name": "microsoft.web/sites/deployments/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Deployments Log.", "displayName": "Get Web Apps Deployments Log", @@ -1153709,6 +1153776,41 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Domain Ownership Identifiers.", + "displayName": "Update Web Apps Domain Ownership Identifiers", + "name": "microsoft.web/sites/domainownershipidentifiers/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Domain Ownership Identifiers.", + "displayName": "Delete Web Apps Domain Ownership Identifiers", + "name": "microsoft.web/sites/domainownershipidentifiers/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Functions.", + "displayName": "Delete Web Apps Functions", + "name": "microsoft.web/sites/functions/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Function secrets.", + "displayName": "List Web Apps Functions Secrets", + "name": "microsoft.web/sites/functions/listsecrets/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Function keys.", + "displayName": "List Web Apps Functions Keys", + "name": "microsoft.web/sites/functions/listkeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Functions.", "displayName": "Get Web Apps Functions", @@ -1153716,6 +1153818,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Functions.", + "displayName": "Update Web Apps Functions", + "name": "microsoft.web/sites/functions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Hostname Bindings.", + "displayName": "Delete Web Apps Hostname Bindings", + "name": "microsoft.web/sites/hostnamebindings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hostname Bindings.", "displayName": "Get Web Apps Hostname Bindings", @@ -1153723,6 +1153839,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Hostname Bindings.", + "displayName": "Update Web Apps Hostname Bindings", + "name": "microsoft.web/sites/hostnamebindings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Hybrid Connection.", + "displayName": "Delete Web Apps Hybrid Connection", + "name": "microsoft.web/sites/hybridconnection/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hybrid Connection.", "displayName": "Get Web Apps Hybrid Connection", @@ -1153730,6 +1153860,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Hybrid Connection.", + "displayName": "Update Web Apps Hybrid Connection", + "name": "microsoft.web/sites/hybridconnection/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hybrid Connection Relays.", "displayName": "Get Web Apps Hybrid Connection Relays", @@ -1153744,6 +1153881,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Instances Deployments.", + "displayName": "Delete Web Apps Instances Deployments", + "name": "microsoft.web/sites/instances/deployments/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Instances Processes.", + "displayName": "Delete Web Apps Instances Processes", + "name": "microsoft.web/sites/instances/processes/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances Processes.", "displayName": "Get Web Apps Instances Processes", @@ -1153751,6 +1153902,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Stop Web Apps Instances Processes.", + "displayName": "Stop Web Apps Instances Processes", + "name": "microsoft.web/sites/instances/processes/stop/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances.", "displayName": "Get Web Apps Instances", @@ -1153786,6 +1153944,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Premier Addons.", + "displayName": "Delete Web Apps Premier Addons", + "name": "microsoft.web/sites/premieraddons/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Premier Addons.", "displayName": "Get Web Apps Premier Addons", @@ -1153793,6 +1153958,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Premier Addons.", + "displayName": "Update Web Apps Premier Addons", + "name": "microsoft.web/sites/premieraddons/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Publishing XML.", "displayName": "Get Web Apps Publishing XML", @@ -1153814,6 +1153986,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Restore Web Apps.", + "displayName": "Restore Web Apps", + "name": "microsoft.web/sites/restore/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Analyze Custom Hostname.", "displayName": "Get Web Apps Slots Analyze Custom Hostname", @@ -1153821,6 +1154000,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Backup.", + "displayName": "Update Web Apps Slots Backup", + "name": "microsoft.web/sites/slots/backup/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Backup.", "displayName": "Get Web Apps Slots Backup", @@ -1153828,6 +1154014,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Continuous Web Jobs.", + "displayName": "Delete Web Apps Slots Continuous Web Jobs", + "name": "microsoft.web/sites/slots/continuouswebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Continuous Web Jobs.", "displayName": "Get Web Apps Slots Continuous Web Jobs", @@ -1153835,6 +1154028,27 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Start Web Apps Slots Continuous Web Jobs.", + "displayName": "Start Web Apps Slots Continuous Web Jobs", + "name": "microsoft.web/sites/slots/continuouswebjobs/start/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop Web Apps Slots Continuous Web Jobs.", + "displayName": "Stop Web Apps Slots Continuous Web Jobs", + "name": "microsoft.web/sites/slots/continuouswebjobs/stop/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Deployments.", + "displayName": "Delete Web Apps Slots Deployments", + "name": "microsoft.web/sites/slots/deployments/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Deployments.", "displayName": "Get Web Apps Slots Deployments", @@ -1153842,6 +1154056,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Deployments.", + "displayName": "Update Web Apps Slots Deployments", + "name": "microsoft.web/sites/slots/deployments/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Deployments Log.", "displayName": "Get Web Apps Slots Deployments Log", @@ -1153849,6 +1154070,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Hostname Bindings.", + "displayName": "Delete Web Apps Slots Hostname Bindings", + "name": "microsoft.web/sites/slots/hostnamebindings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Hostname Bindings.", "displayName": "Get Web Apps Slots Hostname Bindings", @@ -1153856,6 +1154084,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Hostname Bindings.", + "displayName": "Update Web Apps Slots Hostname Bindings", + "name": "microsoft.web/sites/slots/hostnamebindings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Hybrid Connection.", + "displayName": "Delete Web Apps Slots Hybrid Connection", + "name": "microsoft.web/sites/slots/hybridconnection/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Hybrid Connection.", "displayName": "Get Web Apps Slots Hybrid Connection", @@ -1153863,6 +1154105,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Hybrid Connection.", + "displayName": "Update Web Apps Slots Hybrid Connection", + "name": "microsoft.web/sites/slots/hybridconnection/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Instances Deployments.", "displayName": "Get Web Apps Slots Instances Deployments", @@ -1153877,6 +1154126,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Stop Web Apps Slots Instances Processes.", + "displayName": "Stop Web Apps Slots Instances Processes", + "name": "microsoft.web/sites/slots/instances/processes/stop/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Instances Processes.", + "displayName": "Delete Web Apps Slots Instances Processes", + "name": "microsoft.web/sites/slots/instances/processes/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Instances.", "displayName": "Get Web Apps Slots Instances", @@ -1153912,6 +1154175,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Premier Addons.", + "displayName": "Delete Web Apps Slots Premier Addons", + "name": "microsoft.web/sites/slots/premieraddons/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Premier Addons.", "displayName": "Get Web Apps Slots Premier Addons", @@ -1153919,6 +1154189,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Premier Addons.", + "displayName": "Update Web Apps Slots Premier Addons", + "name": "microsoft.web/sites/slots/premieraddons/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Restore.", "displayName": "Get Web Apps Slots Restore", @@ -1153926,6 +1154203,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Restore Web Apps Slots.", + "displayName": "Restore Web Apps Slots", + "name": "microsoft.web/sites/slots/restore/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Triggered WebJobs.", + "displayName": "Delete Web Apps Slots Triggered WebJobs", + "name": "microsoft.web/sites/slots/triggeredwebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Triggered WebJobs.", "displayName": "Get Web Apps Slots Triggered WebJobs", @@ -1153933,6 +1154224,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Slots Triggered WebJobs.", + "displayName": "Run Web Apps Slots Triggered WebJobs", + "name": "microsoft.web/sites/slots/triggeredwebjobs/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Usages.", "displayName": "Get Web Apps Slots Usages", @@ -1153940,6 +1154238,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Virtual Network Connections.", + "displayName": "Delete Web Apps Slots Virtual Network Connections", + "name": "microsoft.web/sites/slots/virtualnetworkconnections/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Virtual Network Connections.", "displayName": "Get Web Apps Slots Virtual Network Connections", @@ -1153947,6 +1154252,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Virtual Network Connections.", + "displayName": "Update Web Apps Slots Virtual Network Connections", + "name": "microsoft.web/sites/slots/virtualnetworkconnections/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web Apps Slots Virtual Network Connections Gateways.", + "displayName": "Update Web Apps Slots Virtual Network Connections Gateways", + "name": "microsoft.web/sites/slots/virtualnetworkconnections/gateways/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots WebJobs.", "displayName": "Get Web Apps Slots WebJobs", @@ -1153961,6 +1154280,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Triggered WebJobs.", + "displayName": "Delete Web Apps Triggered WebJobs", + "name": "microsoft.web/sites/triggeredwebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Triggered WebJobs.", "displayName": "Get Web Apps Triggered WebJobs", @@ -1153968,6 +1154294,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Triggered WebJobs.", + "displayName": "Run Web Apps Triggered WebJobs", + "name": "microsoft.web/sites/triggeredwebjobs/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Usages.", "displayName": "Get Web Apps Usages", @@ -1153975,6 +1154308,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Virtual Network Connections.", + "displayName": "Delete Web Apps Virtual Network Connections", + "name": "microsoft.web/sites/virtualnetworkconnections/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Virtual Network Connections.", "displayName": "Get Web Apps Virtual Network Connections", @@ -1153982,6 +1154322,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Virtual Network Connections.", + "displayName": "Update Web Apps Virtual Network Connections", + "name": "microsoft.web/sites/virtualnetworkconnections/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Virtual Network Connections Gateways.", "displayName": "Get Web Apps Virtual Network Connections Gateways", @@ -1153989,6 +1154336,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Virtual Network Connections Gateways.", + "displayName": "Update Web Apps Virtual Network Connections Gateways", + "name": "microsoft.web/sites/virtualnetworkconnections/gateways/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps WebJobs.", "displayName": "Get Web Apps WebJobs", @@ -1153997,23 +1154351,23 @@ "providerName": "microsoft.web" }, { - "description": "Get SKUs.", - "displayName": "Get SKUs", - "name": "microsoft.web/skus/read", + "description": "Delete Web Apps Hybrid Connection Namespaces Relays.", + "displayName": "Delete Web Apps Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Source Controls.", - "displayName": "Get Source Controls", - "name": "microsoft.web/sourcecontrols/read", + "description": "List Keys Web Apps Hybrid Connection Namespaces Relays.", + "displayName": "List Keys Web Apps Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/listkeys/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", + "description": "Update Web Apps Hybrid Connection Namespaces Relays.", + "displayName": "Update Web Apps Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154039,9 +1154393,9 @@ "providerName": "microsoft.web" }, { - "description": "Get the properties of a Deleted Web App", - "displayName": "Get Deleted Web App", - "name": "Microsoft.Web/deletedSites/Read", + "description": "Delete Web Apps Site Extensions.", + "displayName": "Delete Web Apps Site Extensions", + "name": "microsoft.web/sites/siteextensions/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154052,6 +1154406,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Site Extensions.", + "displayName": "Update Web Apps Site Extensions", + "name": "microsoft.web/sites/siteextensions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Hybrid Connection Relays.", "displayName": "Get Web Apps Slots Hybrid Connection Relays", @@ -1154059,6 +1154420,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Site Extensions.", + "displayName": "Delete Web Apps Slots Site Extensions", + "name": "microsoft.web/sites/slots/siteextensions/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Site Extensions.", "displayName": "Get Web Apps Slots Site Extensions", @@ -1154066,6 +1154434,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Site Extensions.", + "displayName": "Update Web Apps Slots Site Extensions", + "name": "microsoft.web/sites/slots/siteextensions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Snapshots.", "displayName": "Get Web Apps Slots Snapshots", @@ -1154179,79 +1154554,51 @@ "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Operations.", - "displayName": "Get Web Apps Slots Operations", - "name": "microsoft.web/sites/slots/operations/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Slots Performance Counters.", - "displayName": "Get Web Apps Slots Performance Counters", - "name": "microsoft.web/sites/slots/perfcounters/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Slots Resource Health Metadata.", - "displayName": "Get Web Apps Slots Resource Health Metadata", - "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Api Management Accounts Apiacls.", - "displayName": "Get Api Management Accounts Apiacls", - "name": "microsoft.web/apimanagementaccounts/apiacls/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Api Management Accounts APIs Connections.", - "displayName": "Get Api Management Accounts APIs Connections", - "name": "microsoft.web/apimanagementaccounts/apis/connections/read", + "description": "Update Web App Slots Domain Ownership Identifiers.", + "displayName": "Update Web App Slots Domain Ownership Identifiers", + "name": "microsoft.web/sites/slots/domainownershipidentifiers/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs.", - "displayName": "Get Api Management Accounts APIs", - "name": "microsoft.web/apimanagementaccounts/apis/read", + "description": "Delete Web App Slots Domain Ownership Identifiers.", + "displayName": "Delete Web App Slots Ownership Identifiers", + "name": "microsoft.web/sites/slots/domainownershipidentifiers/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts Connectionacls.", - "displayName": "Get Api Management Accounts Connectionacls", - "name": "microsoft.web/apimanagementaccounts/connectionacls/read", + "description": "Delete Web Apps Slots Hybrid Connection Namespaces Relays.", + "displayName": "Delete Web Apps Slots Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Apiacls.", - "displayName": "Get Api Management Accounts APIs Apiacls", - "name": "microsoft.web/apimanagementaccounts/apis/apiacls/read", + "description": "Update Web Apps Slots Hybrid Connection Namespaces Relays.", + "displayName": "Update Web Apps Slots Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Connectionacls.", - "displayName": "Get Api Management Accounts APIs Connectionacls", - "name": "microsoft.web/apimanagementaccounts/apis/connectionacls/read", + "description": "Get Web Apps Slots Operations.", + "displayName": "Get Web Apps Slots Operations", + "name": "microsoft.web/sites/slots/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Connections Connectionacls.", - "displayName": "Get Api Management Accounts APIs Connections Connectionacls", - "name": "microsoft.web/apimanagementaccounts/apis/connections/connectionacls/read", + "description": "Get Web Apps Slots Performance Counters.", + "displayName": "Get Web Apps Slots Performance Counters", + "name": "microsoft.web/sites/slots/perfcounters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Localized Definitions.", - "displayName": "Get Api Management Accounts APIs Localized Definitions", - "name": "microsoft.web/apimanagementaccounts/apis/localizeddefinitions/read", + "description": "Get Web Apps Slots Resource Health Metadata.", + "displayName": "Get Web Apps Slots Resource Health Metadata", + "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154353,6 +1154700,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Public Certificates.", + "displayName": "Delete Web Apps Public Certificates", + "name": "microsoft.web/sites/publiccertificates/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Public Certificates.", "displayName": "Get Web Apps Public Certificates", @@ -1154360,6 +1154714,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Public Certificates.", + "displayName": "Update Web Apps Public Certificates", + "name": "microsoft.web/sites/publiccertificates/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Diagnostics Autoheal.", "displayName": "Get Web Apps Diagnostics Autoheal", @@ -1154410,30 +1154771,23 @@ "providerName": "microsoft.web" }, { - "description": "Gets the diagnostic setting for the resource", - "displayName": "Read diagnostic setting", - "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Gets the diagnostic setting for the resource", - "displayName": "Read diagnostic setting", - "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", + "description": "Creates or updates the diagnostic setting for the resource", + "displayName": "Write diagnostic setting", + "name": "microsoft.web/sites/providers/Microsoft.Insights/diagnosticSettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { "description": "Gets the diagnostic setting for the resource", "displayName": "Read diagnostic setting", - "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/diagnosticSettings/read", + "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get list of billing meters.", - "displayName": "Read billing meters", - "name": "microsoft.web/billingmeters/read", + "description": "Creates or updates the diagnostic setting for the resource", + "displayName": "Write diagnostic setting", + "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154451,6 +1154805,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Diagnostics Detector.", + "displayName": "Run Web Apps Diagnostics Detector", + "name": "microsoft.web/sites/diagnostics/detectors/execute/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Diagnostics Analysis.", "displayName": "Get Web Apps Diagnostics Analysis", @@ -1154458,6 +1154819,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Diagnostics Analysis.", + "displayName": "Run Web Apps Diagnostics Analysis", + "name": "microsoft.web/sites/diagnostics/analyses/execute/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Diagnostics Analysis.", "displayName": "Get Web Apps Slots Diagnostics Analysis", @@ -1154465,6 +1154833,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Slots Diagnostics Analysis.", + "displayName": "Run Web Apps Slots Diagnostics Analysis", + "name": "microsoft.web/sites/slots/diagnostics/analyses/execute/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Diagnostics Detector.", "displayName": "Get Web Apps Slots Diagnostics Detector", @@ -1154473,9 +1154848,9 @@ "providerName": "microsoft.web" }, { - "description": "Get Resource Health Metadata.", - "displayName": "Get Resource Health Metadata", - "name": "microsoft.web/resourcehealthmetadata/read", + "description": "Run Web Apps Slots Diagnostics Detector.", + "displayName": "Run Web Apps Slots Diagnostics Detector", + "name": "microsoft.web/sites/slots/diagnostics/detectors/execute/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154487,16 +1154862,16 @@ "providerName": "microsoft.web" }, { - "description": "Get the network endpoints of all inbound dependencies.", - "displayName": "Get the network endpoints of all inbound dependencies", - "name": "microsoft.web/hostingenvironments/inboundnetworkdependenciesendpoints/read", + "description": "Create or Update Web Apps Slots Public Certificates.", + "displayName": "Write Web Apps Slots Public Certificates", + "name": "microsoft.web/sites/slots/publiccertificates/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the network endpoints of all outbound dependencies.", - "displayName": "Get the network endpoints of all outbound dependencies", - "name": "microsoft.web/hostingenvironments/outboundnetworkdependenciesendpoints/read", + "description": "Delete Web Apps Slots Public Certificates.", + "displayName": "Delete Web Apps Slots Public Certificates", + "name": "microsoft.web/sites/slots/publiccertificates/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154514,13 +1154889,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Get Hosting Environments Detectors.", - "displayName": "Get Hosting Environments Detectors", - "name": "microsoft.web/hostingenvironments/detectors/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Detectors.", "displayName": "Get Web Apps Detectors", @@ -1154528,13 +1154896,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Gets the available metrics for App Service Plan", - "displayName": "Read App Service Plan metric definitions", - "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Gets the available metrics for Web App", "displayName": "Read Web App metric definitions", @@ -1154549,20 +1154910,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Gets the available metrics for App Service Environment MultiRole", - "displayName": "Read App Service Environment MultiRole metric definitions", - "name": "Microsoft.Web/hostingEnvironments/multiRolePools/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Gets the available metrics for App Service Environment WorkerPool", - "displayName": "Read App Service Environment WorkerPool metric definitions", - "name": "Microsoft.Web/hostingEnvironments/workerPools/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances Processes Threads.", "displayName": "Get Web Apps Instances Processes Threads", @@ -1154591,6 +1154938,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", + "displayName": "Perform Function App runtime action", + "name": "Microsoft.Web/sites/hostruntime/host/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Config Snapshots.", "displayName": "Get Web Apps Config Snapshots", @@ -1154598,6 +1154952,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Web Apps List Secrets From Snapshot.", + "displayName": "Web Apps List Secrets From Snapshot", + "name": "microsoft.web/sites/config/snapshots/listsecrets/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Function keys.", + "displayName": "List Web Apps Functions Keys", + "name": "microsoft.web/sites/slots/functions/listkeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Functions.", "displayName": "Get Web Apps Slots Functions", @@ -1154605,6 +1154973,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "List Secrets Web Apps Slots Functions.", + "displayName": "List Secrets Web Apps Slots Functions", + "name": "microsoft.web/sites/slots/functions/listsecrets/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Download Web Apps Container Logs.", + "displayName": "Download Web Apps Container Logs", + "name": "microsoft.web/sites/containerlogs/download/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hostruntime Functions Keys.", "displayName": "Get Web Apps Hostruntime Functions Keys", @@ -1154626,6 +1155008,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Download Web Apps Slots Container Logs.", + "displayName": "Download Web Apps Slots Container Logs", + "name": "microsoft.web/sites/slots/containerlogs/download/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Processes.", "displayName": "Get Web Apps Slots Processes", @@ -1154661,6 +1155050,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Site Extensions.", + "displayName": "Delete Web Apps Site Extensions", + "name": "microsoft.web/sites/extensions/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Site Extensions.", "displayName": "Get Web Apps Site Extensions", @@ -1154668,6 +1155064,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Site Extensions.", + "displayName": "Update Web Apps Site Extensions", + "name": "microsoft.web/sites/extensions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Invoke App Service Extensions APIs.", + "displayName": "Invoke App Service Extensions APIs", + "name": "microsoft.web/sites/extensions/api/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances Extensions.", "displayName": "Get Web Apps Instances Extensions", @@ -1154689,13 +1155099,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Read hosting environments log definitions", - "displayName": "Read hosting environments log definitions", - "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/logDefinitions/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Read Private Endpoint Connection Proxies", "displayName": "Read Private Endpoint Connection Proxies", @@ -1154704,37 +1155107,37 @@ "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxies", - "displayName": "Read Private Endpoint Connection Proxies", - "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/Read", + "description": "Create or Update Private Endpoint Connection Proxies", + "displayName": "Create or Update Private Endpoint Connection Proxies", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", + "description": "Delete Private Endpoint Connection Proxies", + "displayName": "Delete Private Endpoint Connection Proxies", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/operations/Read", + "description": "Validate Private Endpoint Connection Proxies", + "displayName": "Validate Private Endpoint Connection Proxies", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/validate/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Operations.", - "displayName": "Get Operations", - "name": "microsoft.web/locations/operationResults/read", + "description": "Read Private Endpoint Connection Proxy Operations", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Operations.", - "displayName": "Get Operations", - "name": "microsoft.web/locations/operations/read", + "description": "Delete Event Grid Filter on web app.", + "displayName": "Delete Event Grid Filter on web app", + "name": "Microsoft.Web/sites/eventGridFilters/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1154746,289 +1155149,289 @@ "providerName": "microsoft.web" }, { - "description": "Get Event Grid Filter on server farm.", - "displayName": "Get Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/read", + "description": "Put Event Grid Filter on web app.", + "displayName": "Put Event Grid Filter on web app", + "name": "Microsoft.Web/sites/eventGridFilters/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Event Grid Filter on hosting environment.", - "displayName": "Get Event Grid Filter on hosting environment", - "name": "Microsoft.Web/hostingEnvironments/eventGridFilters/read", + "description": "Update Function keys.", + "displayName": "Update Web Apps Functions Keys", + "name": "microsoft.web/sites/functions/keys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Extensions.", - "displayName": "Get Web Apps Slots Extensions", - "name": "microsoft.web/sites/slots/extensions/read", + "description": "Delete Function keys.", + "displayName": "Delete Web Apps Functions Keys", + "name": "microsoft.web/sites/functions/keys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the health details of an App Service Environment.", - "displayName": "Get the health details of an App Service Environment", - "name": "microsoft.web/hostingenvironments/health/read", + "description": "List Functions Host keys.", + "displayName": "List Web Apps Functions Host Keys", + "name": "microsoft.web/sites/host/listkeys/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Static Site", - "displayName": "Get Static Site", - "name": "Microsoft.Web/staticSites/Read", + "description": "Sync Function Triggers.", + "displayName": "Sync Web Apps Function Triggers", + "name": "microsoft.web/sites/host/sync/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the custom domains for a Static Site", - "displayName": "List Static Site Custom Domains", - "name": "Microsoft.Web/staticSites/customdomains/Read", + "description": "List Sync Function Triggers Status.", + "displayName": "List Web Apps Sync Function Triggers Status", + "name": "microsoft.web/sites/host/listsyncstatus/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a build for a Static Site", - "displayName": "Get Static Site Build", - "name": "Microsoft.Web/staticSites/build/Read", + "description": "Update Functions Host Function keys.", + "displayName": "Update Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/host/functionkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the functions for a Static Site", - "displayName": "List Static Site Functions", - "name": "Microsoft.Web/staticSites/functions/Read", + "description": "Delete Functions Host Function keys.", + "displayName": "Delete Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/host/functionkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Network Configuration.", - "displayName": "Get App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/read", + "description": "Update Functions Host System keys.", + "displayName": "Update Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/host/systemkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing methods are allowed for a Web App", - "displayName": "List Web App Publishing Credentials Policies", - "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", + "description": "Delete Functions Host System keys.", + "displayName": "Delete Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/host/systemkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing credentials are allowed for a Web App Slot", - "displayName": "List Web App Slot Publishing Credentials Policies", - "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", + "description": "Get Web Apps Slots Extensions.", + "displayName": "Get Web Apps Slots Extensions", + "name": "microsoft.web/sites/slots/extensions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Read", + "description": "Update Web Apps Slots Extensions.", + "displayName": "Update Web Apps Slots Extensions", + "name": "microsoft.web/sites/slots/extensions/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources.", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/sites/privateLinkResources/Read", + "description": "Invoke App Service Slots Extensions APIs.", + "displayName": "Invoke App Service Slots Extensions APIs.", + "name": "microsoft.web/sites/slots/extensions/api/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Gets the available metrics for Static Site", - "displayName": "Read Static Site metric definitions", - "name": "Microsoft.Web/staticSites/providers/Microsoft.Insights/metricDefinitions/Read", + "description": "Update Function keys.", + "displayName": "Update Web Apps Functions Keys", + "name": "microsoft.web/sites/slots/functions/keys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Endpoint Connection Proxies for a Static Site", - "displayName": "Get Private Endpoint Connection Proxies", - "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/Read", + "description": "Delete Function keys.", + "displayName": "Delete Web Apps Functions Keys", + "name": "microsoft.web/sites/slots/functions/keys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations for a Static Site", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/operations/Read", + "description": "List Functions Host keys.", + "displayName": "List Web Apps Functions Host Keys", + "name": "microsoft.web/sites/slots/host/listkeys/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a private endpoint connection or the list of private endpoint connections for a static site", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/staticSites/privateEndpointConnections/Read", + "description": "Sync Function Triggers.", + "displayName": "Sync Web Apps Function Triggers", + "name": "microsoft.web/sites/slots/host/sync/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/staticSites/privateLinkResources/Read", + "description": "Update Functions Host Function keys.", + "displayName": "Update Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/slots/host/functionkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a private endpoint connection or the list of private endpoint connections.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnections/Read", + "description": "Delete Functions Host Function keys.", + "displayName": "Delete Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/slots/host/functionkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources.", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/hostingEnvironments/privateLinkResources/Read", + "description": "Update Functions Host System keys.", + "displayName": "Update Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/slots/host/systemkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Kubernetes Environment", - "displayName": "Get Kubernetes Environment", - "name": "Microsoft.Web/kubeEnvironments/read", + "description": "Delete Functions Host System keys.", + "displayName": "Delete Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/slots/host/systemkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the operations for a Kubernetes Environment", - "displayName": "Get Kubernetes Environment Operations", - "name": "Microsoft.Web/kubeEnvironments/operations/read", + "description": "Get App Service Network Configuration.", + "displayName": "Get App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get networking configuration of an App Service Environment", - "displayName": "Get Networking Configuration", - "name": "Microsoft.Web/hostingEnvironments/configurations/networking/Read", + "description": "Update App Service Network Configuration.", + "displayName": "Update App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Static Site User Provided Function Apps", - "displayName": "Get Static Site User Provided Function Apps", - "name": "Microsoft.Web/staticSites/userProvidedFunctionApps/Read", + "description": "Delete App Service Network Configuration.", + "displayName": "Delete App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Static Site Build User Provided Function Apps", - "displayName": "Get Static Site Build User Provided Function Apps", - "name": "Microsoft.Web/staticSites/builds/userProvidedFunctionApps/Read", + "description": "List which publishing methods are allowed for a Web App", + "displayName": "List Web App Publishing Credentials Policies", + "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slots Config Snapshots.", - "displayName": "Get Web App Slots Config Snapshots", - "name": "microsoft.web/sites/slots/config/snapshots/read", + "description": "List which publishing methods are allowed for a Web App", + "displayName": "List Web App Publishing Credentials Policies", + "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Gets the available metrics for App Service Environment", - "displayName": "Read App Service Environment metric definitions", - "name": "Microsoft.Web/hostingEnvironments/providers/Microsoft.Insights/metricDefinitions/Read", + "description": "List which publishing credentials are allowed for a Web App Slot", + "displayName": "List Web App Slot Publishing Credentials Policies", + "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the functions for a Static Site Build", - "displayName": "List Static Site Build Functions", - "name": "Microsoft.Web/staticSites/builds/functions/Read", + "description": "List which publishing credentials are allowed for a Web App Slot", + "displayName": "List Web App Slot Publishing Credentials Policies", + "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties for a Worker App", - "displayName": "Get Worker App", - "name": "Microsoft.Web/workerApps/read", + "description": "Approve or Reject a private endpoint connection.", + "displayName": "Approve or Reject Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the results of a Worker App operation", - "displayName": "Get Worker App Operation", - "name": "Microsoft.Web/workerApps/operationResults/read", + "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Slots Network Configuration.", - "displayName": "Get App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/read", + "description": "Delete a Private Endpoint Connection.", + "displayName": "Delete Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Gets the available metrics for API Connections", - "displayName": "Read API Connections metric definitions", - "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", + "description": "Get Private Link Resources.", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/sites/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties for a Container App", - "displayName": "Get container App", - "name": "Microsoft.Web/containerApps/read", + "description": "Get Web App Slots Config Snapshots.", + "displayName": "Get Web App Slots Config Snapshots", + "name": "microsoft.web/sites/slots/config/snapshots/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the results of a Container App operation", - "displayName": "Get Container App Operation", - "name": "Microsoft.Web/containerApps/operationResults/read", + "description": "Web Apps List Slot Secrets From Snapshot.", + "displayName": "Web Apps List Slot Secrets From Snapshot", + "name": "microsoft.web/sites/slots/config/snapshots/listsecrets/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Container App Revision", - "displayName": "Get Container App Revision", - "name": "Microsoft.Web/containerApps/revisions/read", + "description": "Get App Service Slots Network Configuration.", + "displayName": "Get App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Container App Source Control", - "displayName": "Get Container App Source Control", - "name": "Microsoft.Web/containerApps/sourcecontrols/read", + "description": "Update App Service Slots Network Configuration.", + "displayName": "Update App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "description": "Delete App Service Slots Network Configuration.", + "displayName": "Delete App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get info about custom hostnames under subscription.", - "displayName": "Get custom hostnames under subscription", - "name": "Microsoft.Web/customhostnameSites/Read", + "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", + "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of recommendations for App Service Plan.", - "displayName": "Get recommendations for App Service Plan", - "name": "Microsoft.Web/serverfarms/recommendations/Read", + "description": "Run Web Apps Hostruntime Workflow Trigger.", + "displayName": "Run Web Apps Hostruntime Workflow Trigger", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Deleted Web App at location", - "displayName": "Get Deleted Web App at location", - "name": "Microsoft.Web/locations/deletedSites/Read", + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1155040,114 +1155443,107 @@ "providerName": "microsoft.web" }, { - "description": "Get Static Site Linked Backends", - "displayName": "Get Static Site Linked Backends", - "name": "Microsoft.Web/staticSites/linkedBackends/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Static Site Build Linked Backends", - "displayName": "Get Static Site Build Linked Backends", - "name": "Microsoft.Web/staticSites/builds/linkedBackends/Read", + "description": "Get Web App settings.", + "displayName": "Get Web App settings", + "name": "microsoft.web/sites/config/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Certificates Operation Results.", - "displayName": "Get Certificates Operation Results", - "name": "microsoft.web/certificates/operationresults/read", + "description": "Get Web App Features.", + "displayName": "Get Web App Network Features", + "name": "microsoft.web/sites/networkfeatures/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Function App Stacks.", - "displayName": "Get Function App Stacks", - "name": "microsoft.web/functionappstacks/read", + "description": "Get Web App Slot Features.", + "displayName": "Get Web App Slot Network Features", + "name": "microsoft.web/sites/slots/networkfeatures/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Function App Stacks for location.", - "displayName": "Get Function App Stacks for location", - "name": "microsoft.web/locations/functionappstacks/read", + "description": "Get Web App Slot settings.", + "displayName": "Get Web App Slot settings", + "name": "microsoft.web/sites/slots/config/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environment Configurations.", - "displayName": "Get Hosting Environment Configurations", - "name": "microsoft.web/hostingenvironments/configurations/read", + "description": "Create or Update Web App Slot's Single App setting", + "displayName": "Create or Update Web App Slot's Single App setting", + "name": "microsoft.web/sites/slots/config/appsettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get first party Azure Key vault referenced settings for App Service Plan.", - "displayName": "Get App Service Plan Key Vault first party settings", - "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", + "description": "Get Web App Single App setting.", + "displayName": "Get Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Stacks.", - "displayName": "Get Web App Stacks", - "name": "microsoft.web/webappstacks/read", + "description": "Create or Update Web App Single App setting", + "displayName": "Create or Update Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Stacks for location.", - "displayName": "Get Web App Stacks for location", - "name": "microsoft.web/locations/webappstacks/read", + "description": "Delete Web Apps App Setting", + "displayName": "Delete Web Apps App Setting", + "name": "microsoft.web/sites/config/web/appsettings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App settings.", - "displayName": "Get Web App settings", - "name": "microsoft.web/sites/config/appsettings/read", + "description": "Delete Web App Slot's App Setting", + "displayName": "Delete Web App Slot's App Setting", + "name": "microsoft.web/sites/slots/config/web/appsettings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Features.", - "displayName": "Get Web App Network Features", - "name": "microsoft.web/sites/networkfeatures/read", + "description": "Get Web App single connectionstring", + "displayName": "Get Web App single connection string", + "name": "microsoft.web/sites/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot Features.", - "displayName": "Get Web App Slot Network Features", - "name": "microsoft.web/sites/slots/networkfeatures/read", + "description": "Get Web App single App setting.", + "displayName": "Create or Update Web App single sonnection string", + "name": "microsoft.web/sites/config/web/connectionstrings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot settings.", - "displayName": "Get Web App Slot settings", - "name": "microsoft.web/sites/slots/config/appsettings/read", + "description": "Delete Web App single connection string", + "displayName": "Delete Web App single connection string", + "name": "microsoft.web/sites/config/web/connectionstrings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Single App setting.", - "displayName": "Get Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/read", + "description": "Get Web App Slot's single connection string", + "displayName": "Get Web App Slot's single connection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App single connectionstring", - "displayName": "Get Web App single connection string", - "name": "microsoft.web/sites/config/web/connectionstrings/read", + "description": "Create or Update Web App Slot's single sonnection string", + "displayName": "Create or Update Web App Slot's single sonnection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's single connection string", - "displayName": "Get Web App Slot's single connection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", + "description": "Delete Web App slot's single connection string", + "displayName": "Delete Web App slot's single connection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1155180,23 +1155576,9 @@ "providerName": "microsoft.web" }, { - "description": "Get Static Site Database Connection", - "displayName": "Get Static Site Database Connections", - "name": "Microsoft.Web/staticSites/databaseConnections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Static Site Build Database Connections", - "displayName": "Get Static Site Build Database Connections", - "name": "Microsoft.Web/staticSites/builds/databaseConnections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Lists free trial static web apps.", - "displayName": "List free trial static web apps", - "name": "Microsoft.Web/freeTrialStaticWebApps/read", + "description": "Create or Update Web App Network Security Perimeter Association Proxies.", + "displayName": "Create or Update Web App Network Security Perimeter Association Proxies", + "name": "Microsoft.Web/Sites/networkSecurityPerimeterAssociationProxies/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1155208,459 +1155590,380 @@ "providerName": "microsoft.web" }, { - "description": "Get Web App Network Security Perimeter Configurations.", - "displayName": "Get Web App Network Security Perimeter Configurations", - "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of certificates.", - "displayName": "Get Certificates", - "name": "Microsoft.Web/certificates/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Add a new certificate or update an existing one.", - "displayName": "Add or Update Certificate", - "name": "Microsoft.Web/certificates/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete an existing certificate.", - "displayName": "Delete Certificate", - "name": "Microsoft.Web/certificates/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Certificates Operation Results.", - "displayName": "Get Certificates Operation Results", - "name": "microsoft.web/certificates/operationresults/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Connection Gateways.", - "displayName": "Get Connection Gateways", - "name": "Microsoft.Web/connectionGateways/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Creates or updates a Connection Gateway.", - "displayName": "Add or Update Connection Gateways", - "name": "Microsoft.Web/connectionGateways/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Deletes a Connection Gateway.", - "displayName": "Delete Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Moves a Connection Gateway.", - "displayName": "Move Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Move/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Joins a Connection Gateway.", - "displayName": "Join Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Join/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Associates with a Connection Gateway.", - "displayName": "Associate with Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Associate/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Lists status of a Connection Gateway.", - "displayName": "List Connection Gateway Status", - "name": "Microsoft.Web/connectionGateways/ListStatus/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Connections.", - "displayName": "Get Connections", - "name": "Microsoft.Web/connections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Creates or updates a Connection.", - "displayName": "Add or Update Connection", - "name": "Microsoft.Web/connections/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Deletes a Connection.", - "displayName": "Delete Connection", - "name": "Microsoft.Web/connections/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Moves a Connection.", - "displayName": "Move Connection", - "name": "Microsoft.Web/connections/Move/Action", + "description": "Delete Web App Network Security Perimeter Association Proxies.", + "displayName": "Delete Web App Network Security Perimeter Association Proxies", + "name": "Microsoft.Web/Sites/networkSecurityPerimeterAssociationProxies/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Joins a Connection.", - "displayName": "Join Connection", - "name": "Microsoft.Web/connections/Join/Action", + "description": "Get Web App Network Security Perimeter Configurations.", + "displayName": "Get Web App Network Security Perimeter Configurations", + "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" - }, + } + ], + "permittedDataActions": [], + "rawPermissions": [ { - "description": "Confirm Connections Consent Code.", - "displayName": "Confirm Connections Consent Code", - "name": "microsoft.web/connections/confirmconsentcode/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Support/*", + "Microsoft.Web/*/read", + "Microsoft.Web/certificates/*", + "Microsoft.Web/connectionGateways/*", + "Microsoft.Web/connections/*", + "Microsoft.Web/customApis/*", + "Microsoft.Web/serverFarms/*", + "Microsoft.Web/sites/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.", + "hasExternal": false, + "hasUnknown": false, + "name": "Logic Apps Standard Operator (Preview)", + "permittedActions": [ { - "description": "List Consent Links for Connections.", - "displayName": "List Consent Links for Connections", - "name": "microsoft.web/connections/listconsentlinks/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists API Connections Keys.", - "displayName": "List API Connections Keys", - "name": "microsoft.web/connections/listConnectionKeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Revokes API Connections Keys.", - "displayName": "Revokes API Connections Keys", - "name": "microsoft.web/connections/revokeConnectionKeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Dynamic Invoke a Connection.", - "displayName": "Dynamic Invoke Connection.", - "name": "microsoft.web/connections/dynamicInvoke/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Gets the available metrics for API Connections", - "displayName": "Read API Connections metric definitions", - "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get the list of Custom API.", - "displayName": "Get Custom API", - "name": "Microsoft.Web/customApis/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Creates or updates a Custom API.", - "displayName": "Add or Update Custom API", - "name": "Microsoft.Web/customApis/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Deletes a Custom API.", - "displayName": "Delete Custom API", - "name": "Microsoft.Web/customApis/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Moves a Custom API.", - "displayName": "Move Custom API", - "name": "Microsoft.Web/customApis/Move/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Joins a Custom API.", - "displayName": "Join Custom API", - "name": "Microsoft.Web/customApis/Join/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Extracts API definition from a WSDL.", - "displayName": "Extract API definition from WSDL", - "name": "Microsoft.Web/customApis/extractApiDefinitionFromWsdl/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Lists WSDL interfaces for a Custom API.", - "displayName": "List Custom API WSDL interfaces", - "name": "Microsoft.Web/customApis/listWsdlInterfaces/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get the properties on an App Service Plan", - "displayName": "Get App Service Plan", - "name": "Microsoft.Web/serverfarms/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Create a new App Service Plan or update an existing one", - "displayName": "Create or Update App Service Plan", - "name": "Microsoft.Web/serverfarms/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Delete an existing App Service Plan", - "displayName": "Delete App Service Plan", - "name": "Microsoft.Web/serverfarms/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Joins an App Service Plan", - "displayName": "Join App Service Plan", - "name": "Microsoft.Web/serverfarms/Join/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Restart all Web Apps in an App Service Plan", - "displayName": "Restart Web Apps", - "name": "Microsoft.Web/serverfarms/restartSites/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Capabilities.", - "displayName": "Get App Service Plans Capabilities", - "name": "microsoft.web/serverfarms/capabilities/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Delete App Service Plans First Party Apps Settings.", - "displayName": "Delete App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans First Party Apps Settings.", - "displayName": "Get App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Update App Service Plans First Party Apps Settings.", - "displayName": "Update App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/sites/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Hybrid Connection Plan Limits.", - "displayName": "Get App Service Plans Hybrid Connection Plan Limits", - "name": "microsoft.web/serverfarms/hybridconnectionplanlimits/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Hybrid Connection Relays.", - "displayName": "Get App Service Plans Hybrid Connection Relays", - "name": "microsoft.web/serverfarms/hybridconnectionrelays/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Metric Definitions.", - "displayName": "Get App Service Plans Metric Definitions", - "name": "microsoft.web/serverfarms/metricdefinitions/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Metrics.", - "displayName": "Get App Service Plans Metrics", - "name": "microsoft.web/serverfarms/metrics/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Operation Results.", - "displayName": "Get App Service Plans Operation Results", - "name": "microsoft.web/serverfarms/operationresults/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Web Apps.", - "displayName": "Get App Service Plans Web Apps", - "name": "microsoft.web/serverfarms/sites/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Get App Service Plans SKUs.", - "displayName": "Get App Service Plans SKUs", - "name": "microsoft.web/serverfarms/skus/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Get App Service Plans Usages.", - "displayName": "Get App Service Plans Usages", - "name": "microsoft.web/serverfarms/usages/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Update App Service Plans Virtual Network Connections Gateways.", - "displayName": "Update App Service Plans Virtual Network Connections Gateways", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/gateways/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Get App Service Plans Virtual Network Connections.", - "displayName": "Get App Service Plans Virtual Network Connections", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Delete App Service Plans Virtual Network Connections Routes.", - "displayName": "Delete App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Get App Service Plans Virtual Network Connections Routes.", - "displayName": "Get App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Update App Service Plans Virtual Network Connections Routes.", - "displayName": "Update App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Reboot App Service Plans Workers.", - "displayName": "Reboot App Service Plans Workers", - "name": "microsoft.web/serverfarms/workers/reboot/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete App Service Plans Hybrid Connection Namespaces Relays.", - "displayName": "Delete App Service Plans Hybrid Connection Namespaces Relays", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Registers Support Resource Provider", + "displayName": "Registers Support Resource Provider", + "name": "Microsoft.Support/register/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Gets the diagnostic setting for the resource", - "displayName": "Read diagnostic setting", - "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Looks up resource Id for resource type", + "displayName": "Look Up Resource Id", + "name": "Microsoft.Support/lookUpResourceId/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Creates or updates the diagnostic setting for the resource", - "displayName": "Write diagnostic setting", - "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Checks that name is valid and not in use for resource type", + "displayName": "Check Name Availability", + "name": "Microsoft.Support/checkNameAvailability/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Gets the available metrics for App Service Plan", - "displayName": "Read App Service Plan metric definitions", - "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists one or all support tickets", + "displayName": "Reads Support Ticket", + "name": "Microsoft.Support/supportTickets/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Delete Event Grid Filter on server farm.", - "displayName": "Delete Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Allows creating and updating a support ticket", + "displayName": "Writes Support Ticket", + "name": "Microsoft.Support/supportTickets/write", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Get Event Grid Filter on server farm.", - "displayName": "Get Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists one or all Azure services available for support", + "displayName": "Reads Services", + "name": "Microsoft.Support/services/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Put Event Grid Filter on server farm.", - "displayName": "Put Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists one or all problem classifications for an Azure service", + "displayName": "Reads Problem Classifications", + "name": "Microsoft.Support/services/problemClassifications/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Get the list of recommendations for App Service Plan.", - "displayName": "Get recommendations for App Service Plan", - "name": "Microsoft.Web/serverfarms/recommendations/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the result of the asynchronous operation", + "displayName": "Get Operation Result", + "name": "Microsoft.Support/operationresults/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Get first party Azure Key vault referenced settings for App Service Plan.", - "displayName": "Get App Service Plan Key Vault first party settings", - "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the status of the asynchronous operation", + "displayName": "Get Operation Status", + "name": "Microsoft.Support/operationsstatus/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Create or Update first party Azure Key vault referenced settings for App Service Plan.", - "displayName": "Create or Update App Service Plan Key Vault first party settings", - "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists all operations available on Microsoft.Support resource provider", + "displayName": "Lists operations", + "name": "Microsoft.Support/operations/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { "description": "Get the properties of a Web App", @@ -1155670,618 +1155973,422 @@ "providerName": "microsoft.web" }, { - "description": "Create a new Web App or update an existing one", - "displayName": "Create or Update Web App", - "name": "Microsoft.Web/sites/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete an existing Web App", - "displayName": "Delete Web App", - "name": "Microsoft.Web/sites/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create a new web app backup", - "displayName": "Create Web App Backup", - "name": "Microsoft.Web/sites/backup/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get publishing profile xml for a Web App", - "displayName": "Get Web App Publishing Profile", - "name": "Microsoft.Web/sites/publishxml/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Publish a Web App", - "displayName": "Publish Web App", - "name": "Microsoft.Web/sites/publish/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Restart a Web App", - "displayName": "Restart Web App", - "name": "Microsoft.Web/sites/restart/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Start a Web App", - "displayName": "Start Web App", - "name": "Microsoft.Web/sites/start/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Start Dev Session for a Web App", - "displayName": "Start Dev Session for a Web App", - "name": "Microsoft.Web/sites/startDevSession/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop a Web App", - "displayName": "Stop Web App", - "name": "Microsoft.Web/sites/stop/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slotsswap/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get differences in configuration between web app and slots", - "displayName": "Get Web App Slots Differences", - "name": "Microsoft.Web/sites/slotsdiffs/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Apply web app slot configuration from target slot to the current web app", - "displayName": "Apply Web App Configuration", - "name": "Microsoft.Web/sites/applySlotConfig/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Reset web app configuration", - "displayName": "Reset Web App Configuration", - "name": "Microsoft.Web/sites/resetSlotConfig/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Approve Private Endpoint Connections", - "displayName": "Approve Private Endpoint Connections", - "name": "Microsoft.Web/sites/PrivateEndpointConnectionsApproval/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create the artifacts in a Logic App.", - "displayName": "Create the artifacts in a Logic App", - "name": "microsoft.web/sites/deployWorkflowArtifacts/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List logic app's connections by its ID in a Logic App.", - "displayName": "List logic app's connections by its ID in a Logic App", - "name": "microsoft.web/sites/listworkflowsconnections/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Functions Web Apps.", - "displayName": "Functions Web Apps", - "name": "microsoft.web/sites/functions/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Sync Function Trigger Status.", - "displayName": "List Web Apps Sync Function Trigger Status", - "name": "microsoft.web/sites/listsyncfunctiontriggerstatus/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Network Trace Web Apps.", - "displayName": "Network Trace Web Apps", - "name": "microsoft.web/sites/networktrace/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Newpassword Web Apps.", - "displayName": "Newpassword Web Apps", - "name": "microsoft.web/sites/newpassword/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Sync Web Apps.", - "displayName": "Sync Web Apps", - "name": "microsoft.web/sites/sync/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Migrate MySql Web Apps.", - "displayName": "Migrate MySql Web Apps", - "name": "microsoft.web/sites/migratemysql/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Recover Web Apps.", - "displayName": "Recover Web Apps", - "name": "microsoft.web/sites/recover/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Restore Web Apps Snapshots.", - "displayName": "Restore Web Apps Snapshots", - "name": "microsoft.web/sites/restoresnapshot/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Restore Web Apps From Deleted App.", - "displayName": "Restore Web Apps From Deleted App", - "name": "microsoft.web/sites/restorefromdeletedapp/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Sync Function Triggers.", - "displayName": "Sync Web Apps Function Triggers", - "name": "microsoft.web/sites/syncfunctiontriggers/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Discovers an existing app backup that can be restored from a blob in Azure storage.", - "displayName": "Discovers an existing app backup", - "name": "microsoft.web/sites/backups/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Zipped Container Logs for Web App.", - "displayName": "Get Zipped Container Logs for Web App", - "name": "microsoft.web/sites/containerlogs/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Restore Web App From Backup Blob.", - "displayName": "Restore Web App From Backup Blob", - "name": "microsoft.web/sites/restorefrombackupblob/action", + "description": "Get the properties of a Web App deployment slot", + "displayName": "Get Web App Deployment Slot", + "name": "Microsoft.Web/sites/slots/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App backups.", - "displayName": "List Web App backups", - "name": "microsoft.web/sites/listbackups/action", + "description": "Get Web App Slot's configuration settings", + "displayName": "Get Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/config/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Copy content from deployment slot.", - "displayName": "Copy content from deployment slot", - "name": "microsoft.web/sites/slotcopy/action", + "description": "Get Web App configuration settings", + "displayName": "Get Web App Configuration", + "name": "Microsoft.Web/sites/config/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Reconcile Web App Network Security Perimeter Configurations.", - "displayName": "Reconcile Web App Network Security Perimeter Configurations", - "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/action", + "description": "Get Web App's source control configuration settings", + "displayName": "Get Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Determines if a user is allowed to associate an Azure Web App with a Network Security Perimeter.", - "displayName": "Join Network Security Perimeter", - "name": "Microsoft.Web/Sites/joinPerimeter/action", + "description": "Get Web App Slot's source control configuration settings", + "displayName": "Get Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create a new Web App Slot or update an existing one", - "displayName": "Create or Update Web App Slot", - "name": "Microsoft.Web/sites/slots/Write", + "description": "Get the properties of a web app's backup", + "displayName": "Get Web App Backup", + "name": "Microsoft.Web/sites/backups/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete an existing Web App Slot", - "displayName": "Delete Web App Slot", - "name": "Microsoft.Web/sites/slots/Delete", + "description": "Get the properties of a web app slots' backup", + "displayName": "List Web App Slot Backups", + "name": "Microsoft.Web/sites/slots/backups/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create new Web App Slot backup.", - "displayName": "Create Web App Slot Backup", - "name": "Microsoft.Web/sites/slots/backup/Action", + "description": "Get the properties on an App Service Plan", + "displayName": "Get App Service Plan", + "name": "Microsoft.Web/serverfarms/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get publishing profile xml for Web App Slot", - "displayName": "Get Web App Slot Publishing Profile", - "name": "Microsoft.Web/sites/slots/publishxml/Action", + "description": "Get the list of certificates.", + "displayName": "Get Certificates", + "name": "Microsoft.Web/certificates/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Publish a Web App Slot", - "displayName": "Publish Web App Slot", - "name": "Microsoft.Web/sites/slots/publish/Action", + "description": "Get the list of Geo regions.", + "displayName": "Get Geo Regions", + "name": "Microsoft.Web/geoRegions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restart a Web App Slot", - "displayName": "Restart Web App Slot", - "name": "Microsoft.Web/sites/slots/restart/Action", + "description": "Get names of sites assigned to hostname.", + "displayName": "Get sites assigned to hostname", + "name": "Microsoft.Web/listSitesAssignedToHostName/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Start a Web App Slot", - "displayName": "Start Web App Slot", - "name": "Microsoft.Web/sites/slots/start/Action", + "description": "Get the properties of an App Service Environment", + "displayName": "Get App Service Environment", + "name": "Microsoft.Web/hostingEnvironments/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Start Dev Session for Web App Slot", - "displayName": "Start Dev Session for Web App Slot", - "name": "Microsoft.Web/sites/slots/startDevSession/Action", + "description": "Get the properties of a FrontEnd Pool in an App Service Environment", + "displayName": "Get FrontEnd Pool", + "name": "Microsoft.Web/hostingEnvironments/multiRolePools/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Stop a Web App Slot", - "displayName": "Stop Web App Slot", - "name": "Microsoft.Web/sites/slots/stop/Action", + "description": "Get the properties of a Worker Pool in an App Service Environment", + "displayName": "Get Worker Pool", + "name": "Microsoft.Web/hostingEnvironments/workerPools/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slots/slotsswap/Action", + "description": "Get the list of Connections.", + "displayName": "Get Connections", + "name": "Microsoft.Web/connections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get differences in configuration between web app and slots", - "displayName": "Get Web App Slots Differences", - "name": "Microsoft.Web/sites/slots/slotsdiffs/Action", + "description": "Get the list of Custom API.", + "displayName": "Get Custom API", + "name": "Microsoft.Web/customApis/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Apply web app slot configuration from target slot to the current slot.", - "displayName": "Apply Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/applySlotConfig/Action", + "description": "Get the list of Connection Gateways.", + "displayName": "Get Connection Gateways", + "name": "Microsoft.Web/connectionGateways/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Reset web app slot configuration", - "displayName": "Reset Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/resetSlotConfig/Action", + "description": "Get the list of recommendations for subscriptions.", + "displayName": "Get recommendations", + "name": "Microsoft.Web/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Web App deployment slot", - "displayName": "Get Web App Deployment Slot", - "name": "Microsoft.Web/sites/slots/Read", + "description": "Get the list of recommendations for web app.", + "displayName": "Get recommendations for web app", + "name": "Microsoft.Web/sites/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create the artifacts in a deployment slot in a Logic App.", - "displayName": "Create the artifacts in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "description": "Get Available Stacks.", + "displayName": "Get Available Stacks", + "name": "microsoft.web/availablestacks/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", - "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/listworkflowsconnections/action", + "description": "Check if resource name is available.", + "displayName": "Get Check Name Availability", + "name": "microsoft.web/checknameavailability/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Sync Function Trigger Status for deployment slot.", - "displayName": "List Web Apps Sync Function Trigger Status for deployment slot", - "name": "microsoft.web/sites/slots/listsyncfunctiontriggerstatus/action", + "description": "Get Classic Mobile Services.", + "displayName": "Get Classic Mobile Services", + "name": "microsoft.web/classicmobileservices/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Newpassword Web Apps Slots.", - "displayName": "Newpassword Web Apps Slots", - "name": "microsoft.web/sites/slots/newpassword/action", + "description": "Get Deployment Locations.", + "displayName": "Get Deployment Locations", + "name": "microsoft.web/deploymentlocations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Web Apps Slots.", - "displayName": "Sync Web Apps Slots", - "name": "microsoft.web/sites/slots/sync/action", + "description": "Get Hosting Environments Capacities.", + "displayName": "Get Hosting Environments Capacities", + "name": "microsoft.web/hostingenvironments/capacities/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Function Triggers for deployment slot.", - "displayName": "Sync Web Apps Function Triggers for deployment slot", - "name": "microsoft.web/sites/slots/syncfunctiontriggers/action", + "description": "Get Hosting Environments Diagnostics.", + "displayName": "Get Hosting Environments Diagnostics", + "name": "microsoft.web/hostingenvironments/diagnostics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Network Trace Web Apps Slots.", - "displayName": "Network Trace Web Apps Slots", - "name": "microsoft.web/sites/slots/networktrace/action", + "description": "Get Hosting Environments Metric Definitions.", + "displayName": "Get Hosting Environments Metric Definitions", + "name": "microsoft.web/hostingenvironments/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Recover Web Apps Slots.", - "displayName": "Recover Web Apps Slots", - "name": "microsoft.web/sites/slots/recover/action", + "description": "Get Hosting Environments MultiRole Pools Metric Definitions.", + "displayName": "Get Hosting Environments MultiRole Pools Metric Definitions", + "name": "microsoft.web/hostingenvironments/multirolepools/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Slots Snapshots.", - "displayName": "Restore Web Apps Slots Snapshots", - "name": "microsoft.web/sites/slots/restoresnapshot/action", + "description": "Get Hosting Environments MultiRole Pools Metrics.", + "displayName": "Get Hosting Environments MultiRole Pools Metrics", + "name": "microsoft.web/hostingenvironments/multirolepools/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web App Slots From Deleted App.", - "displayName": "Restore Web App Slots From Deleted App", - "name": "microsoft.web/sites/slots/restorefromdeletedapp/action", + "description": "Get Hosting Environments MultiRole Pools SKUs.", + "displayName": "Get Hosting Environments MultiRole Pools SKUs", + "name": "microsoft.web/hostingenvironments/multirolepools/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Discover Web Apps Slots Backups.", - "displayName": "Discover Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/action", + "description": "Get Hosting Environments MultiRole Pools Usages.", + "displayName": "Get Hosting Environments MultiRole Pools Usages", + "name": "microsoft.web/hostingenvironments/multirolepools/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Zipped Container Logs for Web App Slot.", - "displayName": "Get Zipped Container Logs for Web App Slot", - "name": "microsoft.web/sites/slots/containerlogs/action", + "description": "Get Hosting Environments Operations.", + "displayName": "Get Hosting Environments Operations", + "name": "microsoft.web/hostingenvironments/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Slot From Backup Blob.", - "displayName": "Restore Web Apps Slot From Backup Blob", - "name": "microsoft.web/sites/slots/restorefrombackupblob/action", + "description": "Get Hosting Environments App Service Plans.", + "displayName": "Get Hosting Environments App Service Plans", + "name": "microsoft.web/hostingenvironments/serverfarms/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App Slot backups.", - "displayName": "List Web App Slot backups", - "name": "microsoft.web/sites/slots/listbackups/action", + "description": "Get Hosting Environments Web Apps.", + "displayName": "Get Hosting Environments Web Apps", + "name": "microsoft.web/hostingenvironments/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Copy content from one deployment slot to another.", - "displayName": "Copy content from one deployment slot to another", - "name": "microsoft.web/sites/slots/slotcopy/action", + "description": "Get Hosting Environments Usages.", + "displayName": "Get Hosting Environments Usages", + "name": "microsoft.web/hostingenvironments/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's configuration settings", - "displayName": "Get Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/config/Read", + "description": "Get Hosting Environments Workerpools Metric Definitions.", + "displayName": "Get Hosting Environments Workerpools Metric Definitions", + "name": "microsoft.web/hostingenvironments/workerpools/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Slot Security Sensitive Settings", - "name": "Microsoft.Web/sites/slots/config/list/Action", + "description": "Get Hosting Environments Workerpools Metrics.", + "displayName": "Get Hosting Environments Workerpools Metrics", + "name": "microsoft.web/hostingenvironments/workerpools/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App Slot's configuration settings", - "displayName": "Update Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/config/Write", + "description": "Get Hosting Environments Workerpools SKUs.", + "displayName": "Get Hosting Environments Workerpools SKUs", + "name": "microsoft.web/hostingenvironments/workerpools/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Config.", - "displayName": "Delete Web Apps Slots Config", - "name": "microsoft.web/sites/slots/config/delete", + "description": "Get Hosting Environments Workerpools Usages.", + "displayName": "Get Hosting Environments Workerpools Usages", + "name": "microsoft.web/hostingenvironments/workerpools/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Validate upgrade path for Web App.", - "displayName": "Validate upgrade path for Web App", - "name": "microsoft.web/sites/slots/config/validateupgradepath/action", + "description": "Get if Hosting Environment Name is available.", + "displayName": "Check if Hosting Environment Name is available", + "name": "microsoft.web/ishostingenvironmentnameavailable/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App configuration settings", - "displayName": "Get Web App Configuration", - "name": "Microsoft.Web/sites/config/Read", + "description": "Check if Hostname is Available.", + "displayName": "Check if Hostname is Available", + "name": "microsoft.web/ishostnameavailable/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Security Sensitive Settings", - "name": "Microsoft.Web/sites/config/list/Action", + "description": "Check if Username is available.", + "displayName": "Check if Username is available", + "name": "microsoft.web/isusernameavailable/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App's configuration settings", - "displayName": "Update Web App Configuration", - "name": "Microsoft.Web/sites/config/Write", + "description": "Get Locations API Operations.", + "displayName": "Get Locations API Operations", + "name": "microsoft.web/locations/apioperations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Config.", - "displayName": "Delete Web Apps Config", - "name": "microsoft.web/sites/config/delete", + "description": "Get Locations Connection Gateway Installations.", + "displayName": "Get Locations Connection Gateway Installations", + "name": "microsoft.web/locations/connectiongatewayinstallations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App's source control configuration settings", - "displayName": "Get Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Read", + "description": "Get Locations Managed APIs.", + "displayName": "Get Locations Managed APIs", + "name": "microsoft.web/locations/managedapis/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App's source control configuration settings", - "displayName": "Update Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Write", + "description": "Get Locations Managed API Operations.", + "displayName": "Get Locations Managed API Operations", + "name": "microsoft.web/locations/managedapis/apioperations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App's source control configuration settings", - "displayName": "Delete Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Delete", + "description": "Get Operations.", + "displayName": "Get Operations", + "name": "microsoft.web/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's source control configuration settings", - "displayName": "Get Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", + "description": "Get Publishing Users.", + "displayName": "Get Publishing Users", + "name": "microsoft.web/publishingusers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App Slot's source control configuration settings", - "displayName": "Update Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Write", + "description": "Get App Service Plans Capabilities.", + "displayName": "Get App Service Plans Capabilities", + "name": "microsoft.web/serverfarms/capabilities/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Slot's source control configuration settings", - "displayName": "Delete Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Delete", + "description": "Get App Service Plans First Party Apps Settings.", + "displayName": "Get App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a web app's backup", - "displayName": "Get Web App Backup", - "name": "Microsoft.Web/sites/backups/Read", + "description": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Backups.", - "displayName": "List Web Apps Backups", - "name": "microsoft.web/sites/backups/list/action", + "description": "Get App Service Plans Hybrid Connection Plan Limits.", + "displayName": "Get App Service Plans Hybrid Connection Plan Limits", + "name": "microsoft.web/serverfarms/hybridconnectionplanlimits/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Backups.", - "displayName": "Restore Web Apps Backups", - "name": "microsoft.web/sites/backups/restore/action", + "description": "Get App Service Plans Hybrid Connection Relays.", + "displayName": "Get App Service Plans Hybrid Connection Relays", + "name": "microsoft.web/serverfarms/hybridconnectionrelays/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Backups.", - "displayName": "Delete Web Apps Backups", - "name": "microsoft.web/sites/backups/delete", + "description": "Get App Service Plans Metric Definitions.", + "displayName": "Get App Service Plans Metric Definitions", + "name": "microsoft.web/serverfarms/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Backups.", - "displayName": "Update Web Apps Backups", - "name": "microsoft.web/sites/backups/write", + "description": "Get App Service Plans Metrics.", + "displayName": "Get App Service Plans Metrics", + "name": "microsoft.web/serverfarms/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a web app slots' backup", - "displayName": "List Web App Slot Backups", - "name": "Microsoft.Web/sites/slots/backups/Read", + "description": "Get App Service Plans Operation Results.", + "displayName": "Get App Service Plans Operation Results", + "name": "microsoft.web/serverfarms/operationresults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Slots Backups.", - "displayName": "List Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/list/action", + "description": "Get App Service Plans Web Apps.", + "displayName": "Get App Service Plans Web Apps", + "name": "microsoft.web/serverfarms/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Slots Backups.", - "displayName": "Restore Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/restore/action", + "description": "Get App Service Plans SKUs.", + "displayName": "Get App Service Plans SKUs", + "name": "microsoft.web/serverfarms/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Backups.", - "displayName": "Delete Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/delete", + "description": "Get App Service Plans Usages.", + "displayName": "Get App Service Plans Usages", + "name": "microsoft.web/serverfarms/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of recommendations for web app.", - "displayName": "Get recommendations for web app", - "name": "Microsoft.Web/sites/recommendations/Read", + "description": "Get App Service Plans Virtual Network Connections.", + "displayName": "Get App Service Plans Virtual Network Connections", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Disable Web Apps Recommendations.", - "displayName": "Disable Web Apps Recommendations", - "name": "microsoft.web/sites/recommendations/disable/action", + "description": "Get App Service Plans Virtual Network Connections Routes.", + "displayName": "Get App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1156299,20 +1156406,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Backup.", - "displayName": "Update Web Apps Backup", - "name": "microsoft.web/sites/backup/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Continuous Web Jobs.", - "displayName": "Delete Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Continuous Web Jobs.", "displayName": "Get Web Apps Continuous Web Jobs", @@ -1156320,27 +1156413,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Start Web Apps Continuous Web Jobs.", - "displayName": "Start Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/start/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop Web Apps Continuous Web Jobs.", - "displayName": "Stop Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/stop/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Deployments.", - "displayName": "Delete Web Apps Deployments", - "name": "microsoft.web/sites/deployments/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Deployments.", "displayName": "Get Web Apps Deployments", @@ -1156348,13 +1156420,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Deployments.", - "displayName": "Update Web Apps Deployments", - "name": "microsoft.web/sites/deployments/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Deployments Log.", "displayName": "Get Web Apps Deployments Log", @@ -1156446,41 +1156511,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Domain Ownership Identifiers.", - "displayName": "Update Web Apps Domain Ownership Identifiers", - "name": "microsoft.web/sites/domainownershipidentifiers/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Domain Ownership Identifiers.", - "displayName": "Delete Web Apps Domain Ownership Identifiers", - "name": "microsoft.web/sites/domainownershipidentifiers/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Functions.", - "displayName": "Delete Web Apps Functions", - "name": "microsoft.web/sites/functions/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Function secrets.", - "displayName": "List Web Apps Functions Secrets", - "name": "microsoft.web/sites/functions/listsecrets/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Function keys.", - "displayName": "List Web Apps Functions Keys", - "name": "microsoft.web/sites/functions/listkeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Functions.", "displayName": "Get Web Apps Functions", @@ -1156488,20 +1156518,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Functions.", - "displayName": "Update Web Apps Functions", - "name": "microsoft.web/sites/functions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Hostname Bindings.", - "displayName": "Delete Web Apps Hostname Bindings", - "name": "microsoft.web/sites/hostnamebindings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hostname Bindings.", "displayName": "Get Web Apps Hostname Bindings", @@ -1156509,20 +1156525,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Hostname Bindings.", - "displayName": "Update Web Apps Hostname Bindings", - "name": "microsoft.web/sites/hostnamebindings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Hybrid Connection.", - "displayName": "Delete Web Apps Hybrid Connection", - "name": "microsoft.web/sites/hybridconnection/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hybrid Connection.", "displayName": "Get Web Apps Hybrid Connection", @@ -1156530,13 +1156532,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Hybrid Connection.", - "displayName": "Update Web Apps Hybrid Connection", - "name": "microsoft.web/sites/hybridconnection/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hybrid Connection Relays.", "displayName": "Get Web Apps Hybrid Connection Relays", @@ -1156551,20 +1156546,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Instances Deployments.", - "displayName": "Delete Web Apps Instances Deployments", - "name": "microsoft.web/sites/instances/deployments/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Instances Processes.", - "displayName": "Delete Web Apps Instances Processes", - "name": "microsoft.web/sites/instances/processes/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances Processes.", "displayName": "Get Web Apps Instances Processes", @@ -1156572,13 +1156553,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Stop Web Apps Instances Processes.", - "displayName": "Stop Web Apps Instances Processes", - "name": "microsoft.web/sites/instances/processes/stop/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances.", "displayName": "Get Web Apps Instances", @@ -1156614,13 +1156588,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Premier Addons.", - "displayName": "Delete Web Apps Premier Addons", - "name": "microsoft.web/sites/premieraddons/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Premier Addons.", "displayName": "Get Web Apps Premier Addons", @@ -1156628,13 +1156595,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Premier Addons.", - "displayName": "Update Web Apps Premier Addons", - "name": "microsoft.web/sites/premieraddons/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Publishing XML.", "displayName": "Get Web Apps Publishing XML", @@ -1156656,13 +1156616,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Restore Web Apps.", - "displayName": "Restore Web Apps", - "name": "microsoft.web/sites/restore/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Analyze Custom Hostname.", "displayName": "Get Web Apps Slots Analyze Custom Hostname", @@ -1156670,13 +1156623,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Backup.", - "displayName": "Update Web Apps Slots Backup", - "name": "microsoft.web/sites/slots/backup/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Backup.", "displayName": "Get Web Apps Slots Backup", @@ -1156684,13 +1156630,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Continuous Web Jobs.", - "displayName": "Delete Web Apps Slots Continuous Web Jobs", - "name": "microsoft.web/sites/slots/continuouswebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Continuous Web Jobs.", "displayName": "Get Web Apps Slots Continuous Web Jobs", @@ -1156698,27 +1156637,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Start Web Apps Slots Continuous Web Jobs.", - "displayName": "Start Web Apps Slots Continuous Web Jobs", - "name": "microsoft.web/sites/slots/continuouswebjobs/start/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop Web Apps Slots Continuous Web Jobs.", - "displayName": "Stop Web Apps Slots Continuous Web Jobs", - "name": "microsoft.web/sites/slots/continuouswebjobs/stop/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Deployments.", - "displayName": "Delete Web Apps Slots Deployments", - "name": "microsoft.web/sites/slots/deployments/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Deployments.", "displayName": "Get Web Apps Slots Deployments", @@ -1156726,13 +1156644,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Deployments.", - "displayName": "Update Web Apps Slots Deployments", - "name": "microsoft.web/sites/slots/deployments/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Deployments Log.", "displayName": "Get Web Apps Slots Deployments Log", @@ -1156740,13 +1156651,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Hostname Bindings.", - "displayName": "Delete Web Apps Slots Hostname Bindings", - "name": "microsoft.web/sites/slots/hostnamebindings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Hostname Bindings.", "displayName": "Get Web Apps Slots Hostname Bindings", @@ -1156754,20 +1156658,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Hostname Bindings.", - "displayName": "Update Web Apps Slots Hostname Bindings", - "name": "microsoft.web/sites/slots/hostnamebindings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Hybrid Connection.", - "displayName": "Delete Web Apps Slots Hybrid Connection", - "name": "microsoft.web/sites/slots/hybridconnection/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Hybrid Connection.", "displayName": "Get Web Apps Slots Hybrid Connection", @@ -1156775,13 +1156665,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Hybrid Connection.", - "displayName": "Update Web Apps Slots Hybrid Connection", - "name": "microsoft.web/sites/slots/hybridconnection/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Instances Deployments.", "displayName": "Get Web Apps Slots Instances Deployments", @@ -1156796,20 +1156679,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Stop Web Apps Slots Instances Processes.", - "displayName": "Stop Web Apps Slots Instances Processes", - "name": "microsoft.web/sites/slots/instances/processes/stop/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Instances Processes.", - "displayName": "Delete Web Apps Slots Instances Processes", - "name": "microsoft.web/sites/slots/instances/processes/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Instances.", "displayName": "Get Web Apps Slots Instances", @@ -1156845,13 +1156714,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Premier Addons.", - "displayName": "Delete Web Apps Slots Premier Addons", - "name": "microsoft.web/sites/slots/premieraddons/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Premier Addons.", "displayName": "Get Web Apps Slots Premier Addons", @@ -1156859,13 +1156721,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Premier Addons.", - "displayName": "Update Web Apps Slots Premier Addons", - "name": "microsoft.web/sites/slots/premieraddons/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Restore.", "displayName": "Get Web Apps Slots Restore", @@ -1156873,20 +1156728,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Restore Web Apps Slots.", - "displayName": "Restore Web Apps Slots", - "name": "microsoft.web/sites/slots/restore/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Triggered WebJobs.", - "displayName": "Delete Web Apps Slots Triggered WebJobs", - "name": "microsoft.web/sites/slots/triggeredwebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Triggered WebJobs.", "displayName": "Get Web Apps Slots Triggered WebJobs", @@ -1156894,13 +1156735,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Slots Triggered WebJobs.", - "displayName": "Run Web Apps Slots Triggered WebJobs", - "name": "microsoft.web/sites/slots/triggeredwebjobs/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Usages.", "displayName": "Get Web Apps Slots Usages", @@ -1156908,13 +1156742,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Virtual Network Connections.", - "displayName": "Delete Web Apps Slots Virtual Network Connections", - "name": "microsoft.web/sites/slots/virtualnetworkconnections/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Virtual Network Connections.", "displayName": "Get Web Apps Slots Virtual Network Connections", @@ -1156922,20 +1156749,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Virtual Network Connections.", - "displayName": "Update Web Apps Slots Virtual Network Connections", - "name": "microsoft.web/sites/slots/virtualnetworkconnections/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Update Web Apps Slots Virtual Network Connections Gateways.", - "displayName": "Update Web Apps Slots Virtual Network Connections Gateways", - "name": "microsoft.web/sites/slots/virtualnetworkconnections/gateways/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots WebJobs.", "displayName": "Get Web Apps Slots WebJobs", @@ -1156950,13 +1156763,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Triggered WebJobs.", - "displayName": "Delete Web Apps Triggered WebJobs", - "name": "microsoft.web/sites/triggeredwebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Triggered WebJobs.", "displayName": "Get Web Apps Triggered WebJobs", @@ -1156964,13 +1156770,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Triggered WebJobs.", - "displayName": "Run Web Apps Triggered WebJobs", - "name": "microsoft.web/sites/triggeredwebjobs/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Usages.", "displayName": "Get Web Apps Usages", @@ -1156978,13 +1156777,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Virtual Network Connections.", - "displayName": "Delete Web Apps Virtual Network Connections", - "name": "microsoft.web/sites/virtualnetworkconnections/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Virtual Network Connections.", "displayName": "Get Web Apps Virtual Network Connections", @@ -1156992,13 +1156784,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Virtual Network Connections.", - "displayName": "Update Web Apps Virtual Network Connections", - "name": "microsoft.web/sites/virtualnetworkconnections/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Virtual Network Connections Gateways.", "displayName": "Get Web Apps Virtual Network Connections Gateways", @@ -1157006,13 +1156791,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Virtual Network Connections Gateways.", - "displayName": "Update Web Apps Virtual Network Connections Gateways", - "name": "microsoft.web/sites/virtualnetworkconnections/gateways/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps WebJobs.", "displayName": "Get Web Apps WebJobs", @@ -1157021,23 +1156799,23 @@ "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Hybrid Connection Namespaces Relays.", - "displayName": "Delete Web Apps Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/delete", + "description": "Get SKUs.", + "displayName": "Get SKUs", + "name": "microsoft.web/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Keys Web Apps Hybrid Connection Namespaces Relays.", - "displayName": "List Keys Web Apps Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/listkeys/action", + "description": "Get Source Controls.", + "displayName": "Get Source Controls", + "name": "microsoft.web/sourcecontrols/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Hybrid Connection Namespaces Relays.", - "displayName": "Update Web Apps Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/write", + "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157063,9 +1156841,9 @@ "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Site Extensions.", - "displayName": "Delete Web Apps Site Extensions", - "name": "microsoft.web/sites/siteextensions/delete", + "description": "Get the properties of a Deleted Web App", + "displayName": "Get Deleted Web App", + "name": "Microsoft.Web/deletedSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157076,13 +1156854,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Site Extensions.", - "displayName": "Update Web Apps Site Extensions", - "name": "microsoft.web/sites/siteextensions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Hybrid Connection Relays.", "displayName": "Get Web Apps Slots Hybrid Connection Relays", @@ -1157090,13 +1156861,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Site Extensions.", - "displayName": "Delete Web Apps Slots Site Extensions", - "name": "microsoft.web/sites/slots/siteextensions/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Site Extensions.", "displayName": "Get Web Apps Slots Site Extensions", @@ -1157104,13 +1156868,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Site Extensions.", - "displayName": "Update Web Apps Slots Site Extensions", - "name": "microsoft.web/sites/slots/siteextensions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Snapshots.", "displayName": "Get Web Apps Slots Snapshots", @@ -1157224,51 +1156981,79 @@ "providerName": "microsoft.web" }, { - "description": "Update Web App Slots Domain Ownership Identifiers.", - "displayName": "Update Web App Slots Domain Ownership Identifiers", - "name": "microsoft.web/sites/slots/domainownershipidentifiers/write", + "description": "Get Web Apps Slots Operations.", + "displayName": "Get Web Apps Slots Operations", + "name": "microsoft.web/sites/slots/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Slots Domain Ownership Identifiers.", - "displayName": "Delete Web App Slots Ownership Identifiers", - "name": "microsoft.web/sites/slots/domainownershipidentifiers/delete", + "description": "Get Web Apps Slots Performance Counters.", + "displayName": "Get Web Apps Slots Performance Counters", + "name": "microsoft.web/sites/slots/perfcounters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Hybrid Connection Namespaces Relays.", - "displayName": "Delete Web Apps Slots Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/delete", + "description": "Get Web Apps Slots Resource Health Metadata.", + "displayName": "Get Web Apps Slots Resource Health Metadata", + "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Slots Hybrid Connection Namespaces Relays.", - "displayName": "Update Web Apps Slots Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/write", + "description": "Get Api Management Accounts Apiacls.", + "displayName": "Get Api Management Accounts Apiacls", + "name": "microsoft.web/apimanagementaccounts/apiacls/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Operations.", - "displayName": "Get Web Apps Slots Operations", - "name": "microsoft.web/sites/slots/operations/read", + "description": "Get Api Management Accounts APIs Connections.", + "displayName": "Get Api Management Accounts APIs Connections", + "name": "microsoft.web/apimanagementaccounts/apis/connections/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Performance Counters.", - "displayName": "Get Web Apps Slots Performance Counters", - "name": "microsoft.web/sites/slots/perfcounters/read", + "description": "Get Api Management Accounts APIs.", + "displayName": "Get Api Management Accounts APIs", + "name": "microsoft.web/apimanagementaccounts/apis/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Resource Health Metadata.", - "displayName": "Get Web Apps Slots Resource Health Metadata", - "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", + "description": "Get Api Management Accounts Connectionacls.", + "displayName": "Get Api Management Accounts Connectionacls", + "name": "microsoft.web/apimanagementaccounts/connectionacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Apiacls.", + "displayName": "Get Api Management Accounts APIs Apiacls", + "name": "microsoft.web/apimanagementaccounts/apis/apiacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Connectionacls.", + "displayName": "Get Api Management Accounts APIs Connectionacls", + "name": "microsoft.web/apimanagementaccounts/apis/connectionacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Connections Connectionacls.", + "displayName": "Get Api Management Accounts APIs Connections Connectionacls", + "name": "microsoft.web/apimanagementaccounts/apis/connections/connectionacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Localized Definitions.", + "displayName": "Get Api Management Accounts APIs Localized Definitions", + "name": "microsoft.web/apimanagementaccounts/apis/localizeddefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157370,13 +1157155,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Public Certificates.", - "displayName": "Delete Web Apps Public Certificates", - "name": "microsoft.web/sites/publiccertificates/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Public Certificates.", "displayName": "Get Web Apps Public Certificates", @@ -1157384,13 +1157162,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Public Certificates.", - "displayName": "Update Web Apps Public Certificates", - "name": "microsoft.web/sites/publiccertificates/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Diagnostics Autoheal.", "displayName": "Get Web Apps Diagnostics Autoheal", @@ -1157441,23 +1157212,30 @@ "providerName": "microsoft.web" }, { - "description": "Creates or updates the diagnostic setting for the resource", - "displayName": "Write diagnostic setting", - "name": "microsoft.web/sites/providers/Microsoft.Insights/diagnosticSettings/write", + "description": "Gets the diagnostic setting for the resource", + "displayName": "Read diagnostic setting", + "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { "description": "Gets the diagnostic setting for the resource", "displayName": "Read diagnostic setting", - "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", + "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Creates or updates the diagnostic setting for the resource", - "displayName": "Write diagnostic setting", - "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/write", + "description": "Gets the diagnostic setting for the resource", + "displayName": "Read diagnostic setting", + "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/diagnosticSettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get list of billing meters.", + "displayName": "Read billing meters", + "name": "microsoft.web/billingmeters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157475,13 +1157253,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Diagnostics Detector.", - "displayName": "Run Web Apps Diagnostics Detector", - "name": "microsoft.web/sites/diagnostics/detectors/execute/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Diagnostics Analysis.", "displayName": "Get Web Apps Diagnostics Analysis", @@ -1157489,13 +1157260,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Diagnostics Analysis.", - "displayName": "Run Web Apps Diagnostics Analysis", - "name": "microsoft.web/sites/diagnostics/analyses/execute/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Diagnostics Analysis.", "displayName": "Get Web Apps Slots Diagnostics Analysis", @@ -1157503,13 +1157267,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Slots Diagnostics Analysis.", - "displayName": "Run Web Apps Slots Diagnostics Analysis", - "name": "microsoft.web/sites/slots/diagnostics/analyses/execute/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Diagnostics Detector.", "displayName": "Get Web Apps Slots Diagnostics Detector", @@ -1157518,9 +1157275,9 @@ "providerName": "microsoft.web" }, { - "description": "Run Web Apps Slots Diagnostics Detector.", - "displayName": "Run Web Apps Slots Diagnostics Detector", - "name": "microsoft.web/sites/slots/diagnostics/detectors/execute/Action", + "description": "Get Resource Health Metadata.", + "displayName": "Get Resource Health Metadata", + "name": "microsoft.web/resourcehealthmetadata/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157532,16 +1157289,16 @@ "providerName": "microsoft.web" }, { - "description": "Create or Update Web Apps Slots Public Certificates.", - "displayName": "Write Web Apps Slots Public Certificates", - "name": "microsoft.web/sites/slots/publiccertificates/write", + "description": "Get the network endpoints of all inbound dependencies.", + "displayName": "Get the network endpoints of all inbound dependencies", + "name": "microsoft.web/hostingenvironments/inboundnetworkdependenciesendpoints/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Public Certificates.", - "displayName": "Delete Web Apps Slots Public Certificates", - "name": "microsoft.web/sites/slots/publiccertificates/delete", + "description": "Get the network endpoints of all outbound dependencies.", + "displayName": "Get the network endpoints of all outbound dependencies", + "name": "microsoft.web/hostingenvironments/outboundnetworkdependenciesendpoints/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157559,6 +1157316,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Get Hosting Environments Detectors.", + "displayName": "Get Hosting Environments Detectors", + "name": "microsoft.web/hostingenvironments/detectors/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Detectors.", "displayName": "Get Web Apps Detectors", @@ -1157566,6 +1157330,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Gets the available metrics for App Service Plan", + "displayName": "Read App Service Plan metric definitions", + "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Gets the available metrics for Web App", "displayName": "Read Web App metric definitions", @@ -1157580,6 +1157351,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Gets the available metrics for App Service Environment MultiRole", + "displayName": "Read App Service Environment MultiRole metric definitions", + "name": "Microsoft.Web/hostingEnvironments/multiRolePools/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Gets the available metrics for App Service Environment WorkerPool", + "displayName": "Read App Service Environment WorkerPool metric definitions", + "name": "Microsoft.Web/hostingEnvironments/workerPools/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances Processes Threads.", "displayName": "Get Web Apps Instances Processes Threads", @@ -1157608,13 +1157393,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", - "displayName": "Perform Function App runtime action", - "name": "Microsoft.Web/sites/hostruntime/host/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Config Snapshots.", "displayName": "Get Web Apps Config Snapshots", @@ -1157622,20 +1157400,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Web Apps List Secrets From Snapshot.", - "displayName": "Web Apps List Secrets From Snapshot", - "name": "microsoft.web/sites/config/snapshots/listsecrets/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Function keys.", - "displayName": "List Web Apps Functions Keys", - "name": "microsoft.web/sites/slots/functions/listkeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Functions.", "displayName": "Get Web Apps Slots Functions", @@ -1157643,20 +1157407,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "List Secrets Web Apps Slots Functions.", - "displayName": "List Secrets Web Apps Slots Functions", - "name": "microsoft.web/sites/slots/functions/listsecrets/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Download Web Apps Container Logs.", - "displayName": "Download Web Apps Container Logs", - "name": "microsoft.web/sites/containerlogs/download/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hostruntime Functions Keys.", "displayName": "Get Web Apps Hostruntime Functions Keys", @@ -1157678,13 +1157428,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Download Web Apps Slots Container Logs.", - "displayName": "Download Web Apps Slots Container Logs", - "name": "microsoft.web/sites/slots/containerlogs/download/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Processes.", "displayName": "Get Web Apps Slots Processes", @@ -1157720,13 +1157463,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Site Extensions.", - "displayName": "Delete Web Apps Site Extensions", - "name": "microsoft.web/sites/extensions/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Site Extensions.", "displayName": "Get Web Apps Site Extensions", @@ -1157734,20 +1157470,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Site Extensions.", - "displayName": "Update Web Apps Site Extensions", - "name": "microsoft.web/sites/extensions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Invoke App Service Extensions APIs.", - "displayName": "Invoke App Service Extensions APIs", - "name": "microsoft.web/sites/extensions/api/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances Extensions.", "displayName": "Get Web Apps Instances Extensions", @@ -1157769,6 +1157491,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Read hosting environments log definitions", + "displayName": "Read hosting environments log definitions", + "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/logDefinitions/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Read Private Endpoint Connection Proxies", "displayName": "Read Private Endpoint Connection Proxies", @@ -1157777,37 +1157506,37 @@ "providerName": "microsoft.web" }, { - "description": "Create or Update Private Endpoint Connection Proxies", - "displayName": "Create or Update Private Endpoint Connection Proxies", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Write", + "description": "Read Private Endpoint Connection Proxies", + "displayName": "Read Private Endpoint Connection Proxies", + "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Private Endpoint Connection Proxies", - "displayName": "Delete Private Endpoint Connection Proxies", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Delete", + "description": "Read Private Endpoint Connection Proxy Operations", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Validate Private Endpoint Connection Proxies", - "displayName": "Validate Private Endpoint Connection Proxies", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/validate/action", + "description": "Read Private Endpoint Connection Proxy Operations", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", + "description": "Get Operations.", + "displayName": "Get Operations", + "name": "microsoft.web/locations/operationResults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Event Grid Filter on web app.", - "displayName": "Delete Event Grid Filter on web app", - "name": "Microsoft.Web/sites/eventGridFilters/delete", + "description": "Get Operations.", + "displayName": "Get Operations", + "name": "microsoft.web/locations/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1157819,289 +1157548,289 @@ "providerName": "microsoft.web" }, { - "description": "Put Event Grid Filter on web app.", - "displayName": "Put Event Grid Filter on web app", - "name": "Microsoft.Web/sites/eventGridFilters/write", + "description": "Get Event Grid Filter on server farm.", + "displayName": "Get Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Function keys.", - "displayName": "Update Web Apps Functions Keys", - "name": "microsoft.web/sites/functions/keys/write", + "description": "Get Event Grid Filter on hosting environment.", + "displayName": "Get Event Grid Filter on hosting environment", + "name": "Microsoft.Web/hostingEnvironments/eventGridFilters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Function keys.", - "displayName": "Delete Web Apps Functions Keys", - "name": "microsoft.web/sites/functions/keys/delete", + "description": "Get Web Apps Slots Extensions.", + "displayName": "Get Web Apps Slots Extensions", + "name": "microsoft.web/sites/slots/extensions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Functions Host keys.", - "displayName": "List Web Apps Functions Host Keys", - "name": "microsoft.web/sites/host/listkeys/action", + "description": "Get the health details of an App Service Environment.", + "displayName": "Get the health details of an App Service Environment", + "name": "microsoft.web/hostingenvironments/health/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Function Triggers.", - "displayName": "Sync Web Apps Function Triggers", - "name": "microsoft.web/sites/host/sync/action", + "description": "Get the properties of a Static Site", + "displayName": "Get Static Site", + "name": "Microsoft.Web/staticSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Sync Function Triggers Status.", - "displayName": "List Web Apps Sync Function Triggers Status", - "name": "microsoft.web/sites/host/listsyncstatus/action", + "description": "List the custom domains for a Static Site", + "displayName": "List Static Site Custom Domains", + "name": "Microsoft.Web/staticSites/customdomains/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host Function keys.", - "displayName": "Update Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/host/functionkeys/write", + "description": "Get a build for a Static Site", + "displayName": "Get Static Site Build", + "name": "Microsoft.Web/staticSites/build/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host Function keys.", - "displayName": "Delete Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/host/functionkeys/delete", + "description": "List the functions for a Static Site", + "displayName": "List Static Site Functions", + "name": "Microsoft.Web/staticSites/functions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host System keys.", - "displayName": "Update Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/host/systemkeys/write", + "description": "Get App Service Network Configuration.", + "displayName": "Get App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host System keys.", - "displayName": "Delete Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/host/systemkeys/delete", + "description": "List which publishing methods are allowed for a Web App", + "displayName": "List Web App Publishing Credentials Policies", + "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Extensions.", - "displayName": "Get Web Apps Slots Extensions", - "name": "microsoft.web/sites/slots/extensions/read", + "description": "List which publishing credentials are allowed for a Web App Slot", + "displayName": "List Web App Slot Publishing Credentials Policies", + "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Slots Extensions.", - "displayName": "Update Web Apps Slots Extensions", - "name": "microsoft.web/sites/slots/extensions/write", + "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Invoke App Service Slots Extensions APIs.", - "displayName": "Invoke App Service Slots Extensions APIs.", - "name": "microsoft.web/sites/slots/extensions/api/action", + "description": "Get Private Link Resources.", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/sites/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Function keys.", - "displayName": "Update Web Apps Functions Keys", - "name": "microsoft.web/sites/slots/functions/keys/write", + "description": "Gets the available metrics for Static Site", + "displayName": "Read Static Site metric definitions", + "name": "Microsoft.Web/staticSites/providers/Microsoft.Insights/metricDefinitions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Function keys.", - "displayName": "Delete Web Apps Functions Keys", - "name": "microsoft.web/sites/slots/functions/keys/delete", + "description": "Get Private Endpoint Connection Proxies for a Static Site", + "displayName": "Get Private Endpoint Connection Proxies", + "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Functions Host keys.", - "displayName": "List Web Apps Functions Host Keys", - "name": "microsoft.web/sites/slots/host/listkeys/action", + "description": "Read Private Endpoint Connection Proxy Operations for a Static Site", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Function Triggers.", - "displayName": "Sync Web Apps Function Triggers", - "name": "microsoft.web/sites/slots/host/sync/action", + "description": "Get a private endpoint connection or the list of private endpoint connections for a static site", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/staticSites/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host Function keys.", - "displayName": "Update Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/slots/host/functionkeys/write", + "description": "Get Private Link Resources", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/staticSites/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host Function keys.", - "displayName": "Delete Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/slots/host/functionkeys/delete", + "description": "Get a private endpoint connection or the list of private endpoint connections.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host System keys.", - "displayName": "Update Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/slots/host/systemkeys/write", + "description": "Get Private Link Resources.", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/hostingEnvironments/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host System keys.", - "displayName": "Delete Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/slots/host/systemkeys/delete", + "description": "Get the properties of a Kubernetes Environment", + "displayName": "Get Kubernetes Environment", + "name": "Microsoft.Web/kubeEnvironments/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Network Configuration.", - "displayName": "Get App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/read", + "description": "Get the operations for a Kubernetes Environment", + "displayName": "Get Kubernetes Environment Operations", + "name": "Microsoft.Web/kubeEnvironments/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update App Service Network Configuration.", - "displayName": "Update App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/write", + "description": "Get networking configuration of an App Service Environment", + "displayName": "Get Networking Configuration", + "name": "Microsoft.Web/hostingEnvironments/configurations/networking/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete App Service Network Configuration.", - "displayName": "Delete App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/delete", + "description": "Get Static Site User Provided Function Apps", + "displayName": "Get Static Site User Provided Function Apps", + "name": "Microsoft.Web/staticSites/userProvidedFunctionApps/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing methods are allowed for a Web App", - "displayName": "List Web App Publishing Credentials Policies", - "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", + "description": "Get Static Site Build User Provided Function Apps", + "displayName": "Get Static Site Build User Provided Function Apps", + "name": "Microsoft.Web/staticSites/builds/userProvidedFunctionApps/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing methods are allowed for a Web App", - "displayName": "List Web App Publishing Credentials Policies", - "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Write", + "description": "Get Web App Slots Config Snapshots.", + "displayName": "Get Web App Slots Config Snapshots", + "name": "microsoft.web/sites/slots/config/snapshots/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing credentials are allowed for a Web App Slot", - "displayName": "List Web App Slot Publishing Credentials Policies", - "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", + "description": "Gets the available metrics for App Service Environment", + "displayName": "Read App Service Environment metric definitions", + "name": "Microsoft.Web/hostingEnvironments/providers/Microsoft.Insights/metricDefinitions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing credentials are allowed for a Web App Slot", - "displayName": "List Web App Slot Publishing Credentials Policies", - "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Write", + "description": "List the functions for a Static Site Build", + "displayName": "List Static Site Build Functions", + "name": "Microsoft.Web/staticSites/builds/functions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Approve or Reject a private endpoint connection.", - "displayName": "Approve or Reject Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Write", + "description": "Get the properties for a Worker App", + "displayName": "Get Worker App", + "name": "Microsoft.Web/workerApps/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Read", + "description": "Get the results of a Worker App operation", + "displayName": "Get Worker App Operation", + "name": "Microsoft.Web/workerApps/operationResults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete a Private Endpoint Connection.", - "displayName": "Delete Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Delete", + "description": "Get App Service Slots Network Configuration.", + "displayName": "Get App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources.", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/sites/privateLinkResources/Read", + "description": "Gets the available metrics for API Connections", + "displayName": "Read API Connections metric definitions", + "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slots Config Snapshots.", - "displayName": "Get Web App Slots Config Snapshots", - "name": "microsoft.web/sites/slots/config/snapshots/read", + "description": "Get the properties for a Container App", + "displayName": "Get container App", + "name": "Microsoft.Web/containerApps/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Web Apps List Slot Secrets From Snapshot.", - "displayName": "Web Apps List Slot Secrets From Snapshot", - "name": "microsoft.web/sites/slots/config/snapshots/listsecrets/action", + "description": "Get the results of a Container App operation", + "displayName": "Get Container App Operation", + "name": "Microsoft.Web/containerApps/operationResults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Slots Network Configuration.", - "displayName": "Get App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/read", + "description": "Get a Container App Revision", + "displayName": "Get Container App Revision", + "name": "Microsoft.Web/containerApps/revisions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update App Service Slots Network Configuration.", - "displayName": "Update App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/write", + "description": "Get a Container App Source Control", + "displayName": "Get Container App Source Control", + "name": "Microsoft.Web/containerApps/sourcecontrols/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete App Service Slots Network Configuration.", - "displayName": "Delete App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/delete", + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", - "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", + "description": "Get info about custom hostnames under subscription.", + "displayName": "Get custom hostnames under subscription", + "name": "Microsoft.Web/customhostnameSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Run Web Apps Hostruntime Workflow Trigger.", - "displayName": "Run Web Apps Hostruntime Workflow Trigger", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", + "description": "Get the list of recommendations for App Service Plan.", + "displayName": "Get recommendations for App Service Plan", + "name": "Microsoft.Web/serverfarms/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "description": "Get the properties of a Deleted Web App at location", + "displayName": "Get Deleted Web App at location", + "name": "Microsoft.Web/locations/deletedSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1158113,107 +1157842,114 @@ "providerName": "microsoft.web" }, { - "description": "Get Web App settings.", - "displayName": "Get Web App settings", - "name": "microsoft.web/sites/config/appsettings/read", + "description": "Get Static Site Linked Backends", + "displayName": "Get Static Site Linked Backends", + "name": "Microsoft.Web/staticSites/linkedBackends/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Features.", - "displayName": "Get Web App Network Features", - "name": "microsoft.web/sites/networkfeatures/read", + "description": "Get Static Site Build Linked Backends", + "displayName": "Get Static Site Build Linked Backends", + "name": "Microsoft.Web/staticSites/builds/linkedBackends/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot Features.", - "displayName": "Get Web App Slot Network Features", - "name": "microsoft.web/sites/slots/networkfeatures/read", + "description": "Get Certificates Operation Results.", + "displayName": "Get Certificates Operation Results", + "name": "microsoft.web/certificates/operationresults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot settings.", - "displayName": "Get Web App Slot settings", - "name": "microsoft.web/sites/slots/config/appsettings/read", + "description": "Get Function App Stacks.", + "displayName": "Get Function App Stacks", + "name": "microsoft.web/functionappstacks/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Slot's Single App setting", - "displayName": "Create or Update Web App Slot's Single App setting", - "name": "microsoft.web/sites/slots/config/appsettings/write", + "description": "Get Function App Stacks for location.", + "displayName": "Get Function App Stacks for location", + "name": "microsoft.web/locations/functionappstacks/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Single App setting.", - "displayName": "Get Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/read", + "description": "Get Hosting Environment Configurations.", + "displayName": "Get Hosting Environment Configurations", + "name": "microsoft.web/hostingenvironments/configurations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Single App setting", - "displayName": "Create or Update Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/write", + "description": "Get first party Azure Key vault referenced settings for App Service Plan.", + "displayName": "Get App Service Plan Key Vault first party settings", + "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps App Setting", - "displayName": "Delete Web Apps App Setting", - "name": "microsoft.web/sites/config/web/appsettings/delete", + "description": "Get Web App Stacks.", + "displayName": "Get Web App Stacks", + "name": "microsoft.web/webappstacks/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Slot's App Setting", - "displayName": "Delete Web App Slot's App Setting", - "name": "microsoft.web/sites/slots/config/web/appsettings/delete", + "description": "Get Web App Stacks for location.", + "displayName": "Get Web App Stacks for location", + "name": "microsoft.web/locations/webappstacks/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App single connectionstring", - "displayName": "Get Web App single connection string", - "name": "microsoft.web/sites/config/web/connectionstrings/read", + "description": "Get Web App settings.", + "displayName": "Get Web App settings", + "name": "microsoft.web/sites/config/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App single App setting.", - "displayName": "Create or Update Web App single sonnection string", - "name": "microsoft.web/sites/config/web/connectionstrings/write", + "description": "Get Web App Features.", + "displayName": "Get Web App Network Features", + "name": "microsoft.web/sites/networkfeatures/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App single connection string", - "displayName": "Delete Web App single connection string", - "name": "microsoft.web/sites/config/web/connectionstrings/delete", + "description": "Get Web App Slot Features.", + "displayName": "Get Web App Slot Network Features", + "name": "microsoft.web/sites/slots/networkfeatures/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's single connection string", - "displayName": "Get Web App Slot's single connection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", + "description": "Get Web App Slot settings.", + "displayName": "Get Web App Slot settings", + "name": "microsoft.web/sites/slots/config/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Slot's single sonnection string", - "displayName": "Create or Update Web App Slot's single sonnection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/write", + "description": "Get Web App Single App setting.", + "displayName": "Get Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App slot's single connection string", - "displayName": "Delete Web App slot's single connection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/delete", + "description": "Get Web App single connectionstring", + "displayName": "Get Web App single connection string", + "name": "microsoft.web/sites/config/web/connectionstrings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App Slot's single connection string", + "displayName": "Get Web App Slot's single connection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1158246,23 +1157982,30 @@ "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Network Security Perimeter Association Proxies.", - "displayName": "Create or Update Web App Network Security Perimeter Association Proxies", - "name": "Microsoft.Web/Sites/networkSecurityPerimeterAssociationProxies/write", + "description": "Get Static Site Database Connection", + "displayName": "Get Static Site Database Connections", + "name": "Microsoft.Web/staticSites/databaseConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Network Security Perimeter Association Proxies.", - "displayName": "Get Web App Network Security Perimeter Association Proxies", - "name": "Microsoft.Web/Sites/networkSecurityPerimeterAssociationProxies/read", + "description": "Get Static Site Build Database Connections", + "displayName": "Get Static Site Build Database Connections", + "name": "Microsoft.Web/staticSites/builds/databaseConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Network Security Perimeter Association Proxies.", - "displayName": "Delete Web App Network Security Perimeter Association Proxies", - "name": "Microsoft.Web/Sites/networkSecurityPerimeterAssociationProxies/delete", + "description": "Lists free trial static web apps.", + "displayName": "List free trial static web apps", + "name": "Microsoft.Web/freeTrialStaticWebApps/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App Network Security Perimeter Association Proxies.", + "displayName": "Get Web App Network Security Perimeter Association Proxies", + "name": "Microsoft.Web/Sites/networkSecurityPerimeterAssociationProxies/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1158272,6 +1158015,139 @@ "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" + }, + { + "description": "Apply web app slot configuration from target slot to the current web app", + "displayName": "Apply Web App Configuration", + "name": "Microsoft.Web/sites/applySlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Function App's master key for admin operations", + "displayName": "Get Function App master key", + "name": "Microsoft.Web/sites/hostruntime/host/_master/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", + "displayName": "Perform Function App runtime action", + "name": "Microsoft.Web/sites/hostruntime/host/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Functions Keys.", + "displayName": "Get Web Apps Hostruntime Functions Keys", + "name": "microsoft.web/sites/hostruntime/functions/keys/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Host.", + "displayName": "Get Web Apps Hostruntime Host", + "name": "microsoft.web/sites/hostruntime/host/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", + "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Run Web Apps Hostruntime Workflow Trigger.", + "displayName": "Run Web Apps Hostruntime Workflow Trigger", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart a Web App", + "displayName": "Restart Web App", + "name": "Microsoft.Web/sites/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart a Web App Slot", + "displayName": "Restart Web App Slot", + "name": "Microsoft.Web/sites/slots/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slots/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start a Web App Slot", + "displayName": "Start Web App Slot", + "name": "Microsoft.Web/sites/slots/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop a Web App Slot", + "displayName": "Stop Web App Slot", + "name": "Microsoft.Web/sites/slots/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get differences in configuration between web app and slots", + "displayName": "Get Web App Slots Differences", + "name": "Microsoft.Web/sites/slotsdiffs/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start a Web App", + "displayName": "Start Web App", + "name": "Microsoft.Web/sites/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop a Web App", + "displayName": "Stop Web App", + "name": "Microsoft.Web/sites/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create a new Web App or update an existing one", + "displayName": "Create or Update Web App", + "name": "Microsoft.Web/sites/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" } ], "permittedDataActions": [], @@ -1158285,12 +1158161,18 @@ "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Support/*", "Microsoft.Web/*/read", - "Microsoft.Web/certificates/*", - "Microsoft.Web/connectionGateways/*", - "Microsoft.Web/connections/*", - "Microsoft.Web/customApis/*", - "Microsoft.Web/serverFarms/*", - "Microsoft.Web/sites/*" + "Microsoft.Web/sites/applySlotConfig/Action", + "microsoft.web/sites/hostruntime/*", + "Microsoft.Web/sites/restart/Action", + "Microsoft.Web/sites/slots/restart/Action", + "Microsoft.Web/sites/slots/slotsswap/Action", + "Microsoft.Web/sites/slots/start/Action", + "Microsoft.Web/sites/slots/stop/Action", + "Microsoft.Web/sites/slotsdiffs/Action", + "Microsoft.Web/sites/slotsswap/Action", + "Microsoft.Web/sites/start/Action", + "Microsoft.Web/sites/stop/Action", + "Microsoft.Web/sites/write" ], "condition": null, "conditionVersion": null, @@ -1158301,10 +1158183,10 @@ ] }, { - "description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.", + "description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.", "hasExternal": false, "hasUnknown": false, - "name": "Logic Apps Standard Operator (Preview)", + "name": "Logic Apps Standard Reader (Preview)", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1160685,139 +1160567,6 @@ "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" - }, - { - "description": "Apply web app slot configuration from target slot to the current web app", - "displayName": "Apply Web App Configuration", - "name": "Microsoft.Web/sites/applySlotConfig/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Function App's master key for admin operations", - "displayName": "Get Function App master key", - "name": "Microsoft.Web/sites/hostruntime/host/_master/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", - "displayName": "Perform Function App runtime action", - "name": "Microsoft.Web/sites/hostruntime/host/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Functions Keys.", - "displayName": "Get Web Apps Hostruntime Functions Keys", - "name": "microsoft.web/sites/hostruntime/functions/keys/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Host.", - "displayName": "Get Web Apps Hostruntime Host", - "name": "microsoft.web/sites/hostruntime/host/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", - "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Run Web Apps Hostruntime Workflow Trigger.", - "displayName": "Run Web Apps Hostruntime Workflow Trigger", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Restart a Web App", - "displayName": "Restart Web App", - "name": "Microsoft.Web/sites/restart/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Restart a Web App Slot", - "displayName": "Restart Web App Slot", - "name": "Microsoft.Web/sites/slots/restart/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slots/slotsswap/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Start a Web App Slot", - "displayName": "Start Web App Slot", - "name": "Microsoft.Web/sites/slots/start/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop a Web App Slot", - "displayName": "Stop Web App Slot", - "name": "Microsoft.Web/sites/slots/stop/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get differences in configuration between web app and slots", - "displayName": "Get Web App Slots Differences", - "name": "Microsoft.Web/sites/slotsdiffs/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slotsswap/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Start a Web App", - "displayName": "Start Web App", - "name": "Microsoft.Web/sites/start/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop a Web App", - "displayName": "Stop Web App", - "name": "Microsoft.Web/sites/stop/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create a new Web App or update an existing one", - "displayName": "Create or Update Web App", - "name": "Microsoft.Web/sites/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" } ], "permittedDataActions": [], @@ -1160830,19 +1160579,7 @@ "Microsoft.Resources/subscriptions/operationresults/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Support/*", - "Microsoft.Web/*/read", - "Microsoft.Web/sites/applySlotConfig/Action", - "microsoft.web/sites/hostruntime/*", - "Microsoft.Web/sites/restart/Action", - "Microsoft.Web/sites/slots/restart/Action", - "Microsoft.Web/sites/slots/slotsswap/Action", - "Microsoft.Web/sites/slots/start/Action", - "Microsoft.Web/sites/slots/stop/Action", - "Microsoft.Web/sites/slotsdiffs/Action", - "Microsoft.Web/sites/slotsswap/Action", - "Microsoft.Web/sites/start/Action", - "Microsoft.Web/sites/stop/Action", - "Microsoft.Web/sites/write" + "Microsoft.Web/*/read" ], "condition": null, "conditionVersion": null, @@ -1160853,10 +1160590,10 @@ ] }, { - "description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.", + "description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.", "hasExternal": false, "hasUnknown": false, - "name": "Logic Apps Standard Reader (Preview)", + "name": "Logic Apps Standard Developer (Preview)", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1163237,6 +1162974,293 @@ "name": "Microsoft.Web/Sites/networkSecurityPerimeterConfigurations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" + }, + { + "description": "Get the list of Connections.", + "displayName": "Get Connections", + "name": "Microsoft.Web/connections/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates a Connection.", + "displayName": "Add or Update Connection", + "name": "Microsoft.Web/connections/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Deletes a Connection.", + "displayName": "Delete Connection", + "name": "Microsoft.Web/connections/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Moves a Connection.", + "displayName": "Move Connection", + "name": "Microsoft.Web/connections/Move/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins a Connection.", + "displayName": "Join Connection", + "name": "Microsoft.Web/connections/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Confirm Connections Consent Code.", + "displayName": "Confirm Connections Consent Code", + "name": "microsoft.web/connections/confirmconsentcode/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Consent Links for Connections.", + "displayName": "List Consent Links for Connections", + "name": "microsoft.web/connections/listconsentlinks/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists API Connections Keys.", + "displayName": "List API Connections Keys", + "name": "microsoft.web/connections/listConnectionKeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Revokes API Connections Keys.", + "displayName": "Revokes API Connections Keys", + "name": "microsoft.web/connections/revokeConnectionKeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Dynamic Invoke a Connection.", + "displayName": "Dynamic Invoke Connection.", + "name": "microsoft.web/connections/dynamicInvoke/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Gets the available metrics for API Connections", + "displayName": "Read API Connections metric definitions", + "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of Custom API.", + "displayName": "Get Custom API", + "name": "Microsoft.Web/customApis/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates a Custom API.", + "displayName": "Add or Update Custom API", + "name": "Microsoft.Web/customApis/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Deletes a Custom API.", + "displayName": "Delete Custom API", + "name": "Microsoft.Web/customApis/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Moves a Custom API.", + "displayName": "Move Custom API", + "name": "Microsoft.Web/customApis/Move/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins a Custom API.", + "displayName": "Join Custom API", + "name": "Microsoft.Web/customApis/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Extracts API definition from a WSDL.", + "displayName": "Extract API definition from WSDL", + "name": "Microsoft.Web/customApis/extractApiDefinitionFromWsdl/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists WSDL interfaces for a Custom API.", + "displayName": "List Custom API WSDL interfaces", + "name": "Microsoft.Web/customApis/listWsdlInterfaces/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Security Sensitive Settings", + "name": "Microsoft.Web/sites/config/list/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web App's configuration settings", + "displayName": "Update Web App Configuration", + "name": "Microsoft.Web/sites/config/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps App Setting", + "displayName": "Delete Web Apps App Setting", + "name": "microsoft.web/sites/config/web/appsettings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create or Update Web App Single App setting", + "displayName": "Create or Update Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create the artifacts in a Logic App.", + "displayName": "Create the artifacts in a Logic App", + "name": "microsoft.web/sites/deployWorkflowArtifacts/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Function App's master key for admin operations", + "displayName": "Get Function App master key", + "name": "Microsoft.Web/sites/hostruntime/host/_master/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", + "displayName": "Perform Function App runtime action", + "name": "Microsoft.Web/sites/hostruntime/host/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Functions Keys.", + "displayName": "Get Web Apps Hostruntime Functions Keys", + "name": "microsoft.web/sites/hostruntime/functions/keys/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Host.", + "displayName": "Get Web Apps Hostruntime Host", + "name": "microsoft.web/sites/hostruntime/host/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", + "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Run Web Apps Hostruntime Workflow Trigger.", + "displayName": "Run Web Apps Hostruntime Workflow Trigger", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List logic app's connections by its ID in a Logic App.", + "displayName": "List logic app's connections by its ID in a Logic App", + "name": "microsoft.web/sites/listworkflowsconnections/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Publish a Web App", + "displayName": "Publish Web App", + "name": "Microsoft.Web/sites/publish/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create or Update Web App Slot's Single App setting", + "displayName": "Create or Update Web App Slot's Single App setting", + "name": "microsoft.web/sites/slots/config/appsettings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Slot Security Sensitive Settings", + "name": "Microsoft.Web/sites/slots/config/list/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web App Slot's App Setting", + "displayName": "Delete Web App Slot's App Setting", + "name": "microsoft.web/sites/slots/config/web/appsettings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create the artifacts in a deployment slot in a Logic App.", + "displayName": "Create the artifacts in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", + "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/listworkflowsconnections/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Publish a Web App Slot", + "displayName": "Publish Web App Slot", + "name": "Microsoft.Web/sites/slots/publish/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List the workflows in a Logic App.", + "displayName": "List the workflows in a Logic App", + "name": "microsoft.web/sites/workflows/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get logic app's configuration information by its ID in a Logic App.", + "displayName": "Get logic app's configuration information by its ID in a Logic App", + "name": "microsoft.web/sites/workflowsconfiguration/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" } ], "permittedDataActions": [], @@ -1163249,7 +1163273,25 @@ "Microsoft.Resources/subscriptions/operationresults/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Support/*", - "Microsoft.Web/*/read" + "Microsoft.Web/*/read", + "Microsoft.Web/connections/*", + "Microsoft.Web/customApis/*", + "Microsoft.Web/sites/config/list/Action", + "microsoft.web/sites/config/Write", + "microsoft.web/sites/config/web/appsettings/delete", + "microsoft.web/sites/config/web/appsettings/write", + "microsoft.web/sites/deployWorkflowArtifacts/action", + "microsoft.web/sites/hostruntime/*", + "microsoft.web/sites/listworkflowsconnections/action", + "Microsoft.Web/sites/publish/Action", + "microsoft.web/sites/slots/config/appsettings/write", + "Microsoft.Web/sites/slots/config/list/Action", + "microsoft.web/sites/slots/config/web/appsettings/delete", + "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "microsoft.web/sites/slots/listworkflowsconnections/action", + "Microsoft.Web/sites/slots/publish/Action", + "microsoft.web/sites/workflows/*", + "microsoft.web/sites/workflowsconfiguration/*" ], "condition": null, "conditionVersion": null, @@ -1165129,10 +1165171,10 @@ ] }, { - "description": "Lets you subscribe messages on topicspaces.", + "description": "Lets you publish messages on topicspaces.", "hasExternal": false, "hasUnknown": false, - "name": "EventGrid TopicSpaces Subscriber", + "name": "EventGrid TopicSpaces Publisher", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1165956,9 +1165998,9 @@ ], "permittedDataActions": [ { - "description": "Subscribe to a topic space", - "displayName": "Topic spaces subscribe", - "name": "Microsoft.EventGrid/topicSpaces/subscribe/action", + "description": "Publish to a topic space", + "displayName": "Topic spaces publish", + "name": "Microsoft.EventGrid/topicSpaces/publish/action", "providerDisplayName": "Microsoft Event Grid", "providerName": "Microsoft.EventGrid" } @@ -1165975,7 +1166017,7 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.EventGrid/topicSpaces/subscribe/action" + "Microsoft.EventGrid/topicSpaces/publish/action" ], "notActions": [], "notDataActions": [] @@ -1165983,10 +1166025,10 @@ ] }, { - "description": "Lets you publish messages on topicspaces.", + "description": "Lets you subscribe messages on topicspaces.", "hasExternal": false, "hasUnknown": false, - "name": "EventGrid TopicSpaces Publisher", + "name": "EventGrid TopicSpaces Subscriber", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1166810,9 +1166852,9 @@ ], "permittedDataActions": [ { - "description": "Publish to a topic space", - "displayName": "Topic spaces publish", - "name": "Microsoft.EventGrid/topicSpaces/publish/action", + "description": "Subscribe to a topic space", + "displayName": "Topic spaces subscribe", + "name": "Microsoft.EventGrid/topicSpaces/subscribe/action", "providerDisplayName": "Microsoft Event Grid", "providerName": "Microsoft.EventGrid" } @@ -1166829,7 +1166871,7 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.EventGrid/topicSpaces/publish/action" + "Microsoft.EventGrid/topicSpaces/subscribe/action" ], "notActions": [], "notDataActions": [] @@ -1167155,12 +1167197,26 @@ ] }, { - "description": "Read DeID batch jobs. This role is in preview and subject to change.", + "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", "hasExternal": false, "hasUnknown": false, - "name": "DeID Batch Data Reader", + "name": "DeID Batch Data Owner", "permittedActions": [], "permittedDataActions": [ + { + "description": "Creates batches", + "displayName": "Creates a new batch operation", + "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "providerDisplayName": "Microsoft.HealthDataAIServices", + "providerName": "Microsoft.HealthDataAIServices" + }, + { + "description": "Deletes a batch", + "displayName": "Deletes an existing batch operation", + "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", + "providerDisplayName": "Microsoft.HealthDataAIServices", + "providerName": "Microsoft.HealthDataAIServices" + }, { "description": "Reads a batch", "displayName": "Get/List an existing batch operation", @@ -1167175,37 +1167231,22 @@ "condition": null, "conditionVersion": null, "dataActions": [ + "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", "Microsoft.HealthDataAIServices/DeidServices/Batch/read" ], "notActions": [], - "notDataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "Microsoft.HealthDataAIServices/DeidServices/Batch/delete" - ] + "notDataActions": [] } ] }, { - "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", + "description": "Read DeID batch jobs. This role is in preview and subject to change.", "hasExternal": false, "hasUnknown": false, - "name": "DeID Batch Data Owner", + "name": "DeID Batch Data Reader", "permittedActions": [], "permittedDataActions": [ - { - "description": "Creates batches", - "displayName": "Creates a new batch operation", - "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "providerDisplayName": "Microsoft.HealthDataAIServices", - "providerName": "Microsoft.HealthDataAIServices" - }, - { - "description": "Deletes a batch", - "displayName": "Deletes an existing batch operation", - "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", - "providerDisplayName": "Microsoft.HealthDataAIServices", - "providerName": "Microsoft.HealthDataAIServices" - }, { "description": "Reads a batch", "displayName": "Get/List an existing batch operation", @@ -1167220,12 +1167261,13 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", "Microsoft.HealthDataAIServices/DeidServices/Batch/read" ], "notActions": [], - "notDataActions": [] + "notDataActions": [ + "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "Microsoft.HealthDataAIServices/DeidServices/Batch/delete" + ] } ] }, @@ -1168410,11 +1168452,46 @@ ] }, { - "description": "Grants permissions to view VMs", + "description": "Grants permissions to perform all VM actions", "hasExternal": false, "hasUnknown": false, - "name": "Azure Stack HCI VM Reader", + "name": "Azure Stack HCI VM Contributor", "permittedActions": [ + { + "description": "Restarts virtual machine resource", + "displayName": "Restarts virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Restart/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Starts virtual machine resource", + "displayName": "Starts virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Start/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Stops virtual machine resource", + "displayName": "Stops virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Stop/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes virtual machine resource", + "displayName": "Deletes virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates virtual machine resource", + "displayName": "Creates/Updates virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, { "description": "Gets/Lists virtual machine resource", "displayName": "Gets/Lists virtual machine resource", @@ -1168423,9 +1168500,9 @@ "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists virtual machine instance resource", - "displayName": "Gets/Lists virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Read", + "description": "Gets/Lists virtual machine hybrid identity metadata proxy resource", + "displayName": "Gets/Lists virtual machine hybrid identity metadata proxy resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/HybridIdentityMetadata/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, @@ -1168437,16 +1168514,100 @@ "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists virtual networks resource", - "displayName": "Gets/Lists virtual networks resource", - "name": "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "description": "Creates/Updates virtual machine extensions resource", + "displayName": "Creates/Updates virtual machine extensions resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Write", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists logical networks resource", - "displayName": "Gets/Lists logical networks resource", - "name": "Microsoft.AzureStackHCI/LogicalNetworks/Read", + "description": "Deletes virtual machine extensions resource", + "displayName": "Deletes virtual machine extensions resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Restarts virtual machine instance resource", + "displayName": "Restarts virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Restart/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Starts virtual machine instance resource", + "displayName": "Starts virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Start/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Stops virtual machine instance resource", + "displayName": "Stops virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Stop/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Pauses virtual machine instance resource", + "displayName": "Pauses virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Pause/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Saves virtual machine instance resource", + "displayName": "Saves virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Save/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes virtual machine instance resource", + "displayName": "Deletes virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates virtual machine instance resource", + "displayName": "Creates/Updates virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine instance resource", + "displayName": "Gets/Lists virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", + "displayName": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/HybridIdentityMetadata/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine instance's attestation status", + "displayName": "Gets/Lists virtual machine instance's attestation status", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/attestationStatus/read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes network interfaces resource", + "displayName": "Deletes network interfaces resource", + "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates network interfaces resource", + "displayName": "Creates/Updates network interfaces resource", + "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Write", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, @@ -1168458,123 +1168619,123 @@ "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists virtual hard disk resource", - "displayName": "Gets/Lists virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Read", + "description": "Deletes virtual hard disk resource", + "displayName": "Deletes virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Delete", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists storage containers resource", - "displayName": "Gets/Lists storage containers resource", - "name": "Microsoft.AzureStackHCI/StorageContainers/Read", + "description": "Creates/Updates virtual hard disk resource", + "displayName": "Creates/Updates virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Write", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists gallery images resource", - "displayName": "Gets/Lists gallery images resource", - "name": "Microsoft.AzureStackHCI/GalleryImages/Read", + "description": "Gets/Lists virtual hard disk resource", + "displayName": "Gets/Lists virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists market place gallery images resource", - "displayName": "Gets/Lists market place gallery images resource", - "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/Read", + "description": "Gets/Lists virtual networks resource", + "displayName": "Gets/Lists virtual networks resource", + "name": "Microsoft.AzureStackHCI/VirtualNetworks/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists a network security group resource", - "displayName": "Gets/Lists a network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", + "description": "Joins virtual networks resource", + "displayName": "Joins virtual networks resource", + "name": "Microsoft.AzureStackHCI/VirtualNetworks/join/action", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists security rule resource", - "displayName": "Gets/Lists security rule resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "description": "Gets/Lists logical networks resource", + "displayName": "Gets/Lists logical networks resource", + "name": "Microsoft.AzureStackHCI/LogicalNetworks/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc licenses", - "displayName": "Read Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Joins logical networks resource", + "displayName": "Joins logical networks resource", + "name": "Microsoft.AzureStackHCI/LogicalNetworks/join/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc extensions", - "displayName": "Read Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets/Lists gallery images resource", + "displayName": "Gets/Lists gallery images resource", + "name": "Microsoft.AzureStackHCI/GalleryImages/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc licenseProfiles", - "displayName": "Read Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Deploys gallery images resource", + "displayName": "Deploys gallery images resource", + "name": "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc patchAssessmentResults", - "displayName": "Read Azure Arc patchAssessmentResults", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets/Lists storage containers resource", + "displayName": "Gets/Lists storage containers resource", + "name": "Microsoft.AzureStackHCI/StorageContainers/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", - "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Deploys storage containers resource", + "displayName": "Deploys storage containers resource", + "name": "Microsoft.AzureStackHCI/StorageContainers/deploy/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc patchInstallationResults", - "displayName": "Read Azure Arc patchInstallationResults", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets/Lists market place gallery images resource", + "displayName": "Gets/Lists market place gallery images resource", + "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", - "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Deploys market place gallery images resource", + "displayName": "Deploys market place gallery images resource", + "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Read any Azure Arc machines", - "displayName": "Read Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets clusters", + "displayName": "Gets/List cluster resources", + "name": "Microsoft.AzureStackHCI/Clusters/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Reads any Azure Arc networkSecurityPerimeterConfigurations", - "displayName": "Read Azure Arc networkSecurityPerimeterConfigurations", - "name": "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets arc resource of HCI cluster", + "displayName": "Gets/List arc resources", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Read any Azure Arc privateEndpointConnections", - "displayName": "Read Azure Arc privateEndpointConnections", - "name": "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets/Lists a network security group resource", + "displayName": "Gets/Lists a network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Read any Azure Arc privateLinkScopes", - "displayName": "Read Azure Arc privateLinkScopes", - "name": "Microsoft.HybridCompute/privateLinkScopes/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets/Lists security rule resource", + "displayName": "Gets/Lists security rule resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" }, { "description": "Create or update a classic metric alert", @@ -1168632,6 +1168793,41 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Export template for a deployment", "displayName": "Export template for deployment", @@ -1168660,6 +1168856,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -1168890,35 +1169093,254 @@ "name": "Microsoft.Resources/subscriptions/operationresults/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" + }, + { + "description": "Read any Azure Arc machines", + "displayName": "Read Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Writes an Azure Arc machines", + "displayName": "Write Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc machines", + "displayName": "Delete Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Upgrades Extensions on Azure Arc machines", + "displayName": "Upgrade Extensions on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Assesses any Azure Arc machines to get missing software patches", + "displayName": "Assess Azure Arc machines to get missing software patches", + "name": "Microsoft.HybridCompute/machines/assessPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs patches on any Azure Arc machines", + "displayName": "Install patches on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/installPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc extensions", + "displayName": "Read Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc extensions", + "displayName": "Install or Update an Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc extensions", + "displayName": "Delete Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Operations for Azure Arc for Servers", + "displayName": "Read all Operations", + "name": "Microsoft.HybridCompute/operations/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationresults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationstatus/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults", + "displayName": "Read Azure Arc patchAssessmentResults", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", + "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults", + "displayName": "Read Azure Arc patchInstallationResults", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", + "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an update center operation on machines", + "displayName": "Read Update Center Operation Results", + "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read any Azure Arc machines's Hybrid Identity Metadata", + "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", + "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Azure Connected Machine Agent versions available", + "displayName": "Read all Azure Connected Machine Agent versions available", + "name": "Microsoft.HybridCompute/osType/agentVersions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read the latest Azure Connected Machine Agent version", + "displayName": "Read the latest Azure Connected Machine Agent version", + "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc runcommands", + "displayName": "Read Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc runcommands", + "displayName": "Install or Update an Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc runcommands", + "displayName": "Delete Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenseProfiles", + "displayName": "Read Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenseProfiles", + "displayName": "Install or Update an Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenseProfiles", + "displayName": "Delete Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenses", + "displayName": "Read Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenses", + "displayName": "Install or Update an Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenses", + "displayName": "Delete Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Gets an Custom Location resource", + "displayName": "Get Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" + }, + { + "description": "Deploy permissions to a Custom Location resource", + "displayName": "Deploy permissions to Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" + }, + { + "description": "Gets extension instance resource.", + "displayName": "Microsoft.KubernetesConfiguration/extensions/read", + "name": "Microsoft.KubernetesConfiguration/extensions/read", + "providerDisplayName": "Microsoft Kubernetes Configuration", + "providerName": "Microsoft.KubernetesConfiguration" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.AzureStackHCI/VirtualMachines/Read", - "Microsoft.AzureStackHCI/virtualMachineInstances/Read", - "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", + "Microsoft.AzureStackHCI/VirtualMachines/*", + "Microsoft.AzureStackHCI/virtualMachineInstances/*", + "Microsoft.AzureStackHCI/NetworkInterfaces/*", + "Microsoft.AzureStackHCI/VirtualHardDisks/*", "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "Microsoft.AzureStackHCI/VirtualNetworks/join/action", "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "Microsoft.AzureStackHCI/NetworkInterfaces/Read", - "Microsoft.AzureStackHCI/VirtualHardDisks/Read", - "Microsoft.AzureStackHCI/StorageContainers/Read", + "Microsoft.AzureStackHCI/LogicalNetworks/join/action", "Microsoft.AzureStackHCI/GalleryImages/Read", + "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "Microsoft.AzureStackHCI/StorageContainers/Read", + "Microsoft.AzureStackHCI/StorageContainers/deploy/action", "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", + "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", + "Microsoft.AzureStackHCI/Clusters/Read", + "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", - "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", - "Microsoft.HybridCompute/privateLinkScopes/read", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -1168927,17 +1169349,55 @@ "Microsoft.Insights/AlertRules/Throttled/Action", "Microsoft.Insights/AlertRules/Incidents/Read", "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/deployments/delete", + "Microsoft.Resources/deployments/cancel/action", + "Microsoft.Resources/deployments/validate/action", + "Microsoft.Resources/deployments/whatIf/action", "Microsoft.Resources/deployments/exportTemplate/action", "Microsoft.Resources/deployments/operations/read", "Microsoft.Resources/deployments/operationstatuses/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/operationresults/read" + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete", + "Microsoft.ExtendedLocation/customLocations/Read", + "Microsoft.ExtendedLocation/customLocations/deploy/action", + "Microsoft.KubernetesConfiguration/extensions/read" ], "condition": null, "conditionVersion": null, @@ -1172383,46 +1172843,11 @@ ] }, { - "description": "Grants permissions to perform all VM actions", + "description": "Grants permissions to view VMs", "hasExternal": false, "hasUnknown": false, - "name": "Azure Stack HCI VM Contributor", + "name": "Azure Stack HCI VM Reader", "permittedActions": [ - { - "description": "Restarts virtual machine resource", - "displayName": "Restarts virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Restart/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Starts virtual machine resource", - "displayName": "Starts virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Start/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Stops virtual machine resource", - "displayName": "Stops virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Stop/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual machine resource", - "displayName": "Deletes virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual machine resource", - "displayName": "Creates/Updates virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, { "description": "Gets/Lists virtual machine resource", "displayName": "Gets/Lists virtual machine resource", @@ -1172430,83 +1172855,6 @@ "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, - { - "description": "Gets/Lists virtual machine hybrid identity metadata proxy resource", - "displayName": "Gets/Lists virtual machine hybrid identity metadata proxy resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/HybridIdentityMetadata/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine extensions resource", - "displayName": "Gets/Lists virtual machine extensions resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual machine extensions resource", - "displayName": "Creates/Updates virtual machine extensions resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual machine extensions resource", - "displayName": "Deletes virtual machine extensions resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Restarts virtual machine instance resource", - "displayName": "Restarts virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Restart/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Starts virtual machine instance resource", - "displayName": "Starts virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Start/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Stops virtual machine instance resource", - "displayName": "Stops virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Stop/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Pauses virtual machine instance resource", - "displayName": "Pauses virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Pause/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Saves virtual machine instance resource", - "displayName": "Saves virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Save/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual machine instance resource", - "displayName": "Deletes virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual machine instance resource", - "displayName": "Creates/Updates virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, { "description": "Gets/Lists virtual machine instance resource", "displayName": "Gets/Lists virtual machine instance resource", @@ -1172515,30 +1172863,23 @@ "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", - "displayName": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/HybridIdentityMetadata/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine instance's attestation status", - "displayName": "Gets/Lists virtual machine instance's attestation status", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/attestationStatus/read", + "description": "Gets/Lists virtual machine extensions resource", + "displayName": "Gets/Lists virtual machine extensions resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Deletes network interfaces resource", - "displayName": "Deletes network interfaces resource", - "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Delete", + "description": "Gets/Lists virtual networks resource", + "displayName": "Gets/Lists virtual networks resource", + "name": "Microsoft.AzureStackHCI/VirtualNetworks/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Creates/Updates network interfaces resource", - "displayName": "Creates/Updates network interfaces resource", - "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Write", + "description": "Gets/Lists logical networks resource", + "displayName": "Gets/Lists logical networks resource", + "name": "Microsoft.AzureStackHCI/LogicalNetworks/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, @@ -1172550,123 +1172891,123 @@ "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Deletes virtual hard disk resource", - "displayName": "Deletes virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Delete", + "description": "Gets/Lists virtual hard disk resource", + "displayName": "Gets/Lists virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Creates/Updates virtual hard disk resource", - "displayName": "Creates/Updates virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Write", + "description": "Gets/Lists storage containers resource", + "displayName": "Gets/Lists storage containers resource", + "name": "Microsoft.AzureStackHCI/StorageContainers/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists virtual hard disk resource", - "displayName": "Gets/Lists virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Read", + "description": "Gets/Lists gallery images resource", + "displayName": "Gets/Lists gallery images resource", + "name": "Microsoft.AzureStackHCI/GalleryImages/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists virtual networks resource", - "displayName": "Gets/Lists virtual networks resource", - "name": "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "description": "Gets/Lists market place gallery images resource", + "displayName": "Gets/Lists market place gallery images resource", + "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Joins virtual networks resource", - "displayName": "Joins virtual networks resource", - "name": "Microsoft.AzureStackHCI/VirtualNetworks/join/action", + "description": "Gets/Lists a network security group resource", + "displayName": "Gets/Lists a network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Gets/Lists logical networks resource", - "displayName": "Gets/Lists logical networks resource", - "name": "Microsoft.AzureStackHCI/LogicalNetworks/Read", + "description": "Gets/Lists security rule resource", + "displayName": "Gets/Lists security rule resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", "providerDisplayName": "Microsoft.AzureStackHCI", "providerName": "Microsoft.AzureStackHCI" }, { - "description": "Joins logical networks resource", - "displayName": "Joins logical networks resource", - "name": "Microsoft.AzureStackHCI/LogicalNetworks/join/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc licenses", + "displayName": "Read Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets/Lists gallery images resource", - "displayName": "Gets/Lists gallery images resource", - "name": "Microsoft.AzureStackHCI/GalleryImages/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc extensions", + "displayName": "Read Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploys gallery images resource", - "displayName": "Deploys gallery images resource", - "name": "Microsoft.AzureStackHCI/GalleryImages/deploy/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc licenseProfiles", + "displayName": "Read Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets/Lists storage containers resource", - "displayName": "Gets/Lists storage containers resource", - "name": "Microsoft.AzureStackHCI/StorageContainers/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc patchAssessmentResults", + "displayName": "Read Azure Arc patchAssessmentResults", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploys storage containers resource", - "displayName": "Deploys storage containers resource", - "name": "Microsoft.AzureStackHCI/StorageContainers/deploy/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", + "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets/Lists market place gallery images resource", - "displayName": "Gets/Lists market place gallery images resource", - "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc patchInstallationResults", + "displayName": "Read Azure Arc patchInstallationResults", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploys market place gallery images resource", - "displayName": "Deploys market place gallery images resource", - "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", + "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets clusters", - "displayName": "Gets/List cluster resources", - "name": "Microsoft.AzureStackHCI/Clusters/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Read any Azure Arc machines", + "displayName": "Read Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets arc resource of HCI cluster", - "displayName": "Gets/List arc resources", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Reads any Azure Arc networkSecurityPerimeterConfigurations", + "displayName": "Read Azure Arc networkSecurityPerimeterConfigurations", + "name": "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets/Lists a network security group resource", - "displayName": "Gets/Lists a network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Read any Azure Arc privateEndpointConnections", + "displayName": "Read Azure Arc privateEndpointConnections", + "name": "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets/Lists security rule resource", - "displayName": "Gets/Lists security rule resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "Read any Azure Arc privateLinkScopes", + "displayName": "Read Azure Arc privateLinkScopes", + "name": "Microsoft.HybridCompute/privateLinkScopes/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { "description": "Create or update a classic metric alert", @@ -1172724,41 +1173065,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Export template for a deployment", "displayName": "Export template for deployment", @@ -1172787,13 +1173093,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -1173024,254 +1173323,35 @@ "name": "Microsoft.Resources/subscriptions/operationresults/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" - }, - { - "description": "Read any Azure Arc machines", - "displayName": "Read Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Writes an Azure Arc machines", - "displayName": "Write Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc machines", - "displayName": "Delete Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Upgrades Extensions on Azure Arc machines", - "displayName": "Upgrade Extensions on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Assesses any Azure Arc machines to get missing software patches", - "displayName": "Assess Azure Arc machines to get missing software patches", - "name": "Microsoft.HybridCompute/machines/assessPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs patches on any Azure Arc machines", - "displayName": "Install patches on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/installPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc extensions", - "displayName": "Read Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc extensions", - "displayName": "Install or Update an Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc extensions", - "displayName": "Delete Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Operations for Azure Arc for Servers", - "displayName": "Read all Operations", - "name": "Microsoft.HybridCompute/operations/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationresults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationstatus/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults", - "displayName": "Read Azure Arc patchAssessmentResults", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", - "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults", - "displayName": "Read Azure Arc patchInstallationResults", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", - "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an update center operation on machines", - "displayName": "Read Update Center Operation Results", - "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read any Azure Arc machines's Hybrid Identity Metadata", - "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", - "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Azure Connected Machine Agent versions available", - "displayName": "Read all Azure Connected Machine Agent versions available", - "name": "Microsoft.HybridCompute/osType/agentVersions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read the latest Azure Connected Machine Agent version", - "displayName": "Read the latest Azure Connected Machine Agent version", - "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc runcommands", - "displayName": "Read Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc runcommands", - "displayName": "Install or Update an Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc runcommands", - "displayName": "Delete Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc licenseProfiles", - "displayName": "Read Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc licenseProfiles", - "displayName": "Install or Update an Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc licenseProfiles", - "displayName": "Delete Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc licenses", - "displayName": "Read Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc licenses", - "displayName": "Install or Update an Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc licenses", - "displayName": "Delete Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Gets an Custom Location resource", - "displayName": "Get Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Deploy permissions to a Custom Location resource", - "displayName": "Deploy permissions to Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Gets extension instance resource.", - "displayName": "Microsoft.KubernetesConfiguration/extensions/read", - "name": "Microsoft.KubernetesConfiguration/extensions/read", - "providerDisplayName": "Microsoft Kubernetes Configuration", - "providerName": "Microsoft.KubernetesConfiguration" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.AzureStackHCI/VirtualMachines/*", - "Microsoft.AzureStackHCI/virtualMachineInstances/*", - "Microsoft.AzureStackHCI/NetworkInterfaces/*", - "Microsoft.AzureStackHCI/VirtualHardDisks/*", + "Microsoft.AzureStackHCI/VirtualMachines/Read", + "Microsoft.AzureStackHCI/virtualMachineInstances/Read", + "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", "Microsoft.AzureStackHCI/VirtualNetworks/Read", - "Microsoft.AzureStackHCI/VirtualNetworks/join/action", "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "Microsoft.AzureStackHCI/LogicalNetworks/join/action", - "Microsoft.AzureStackHCI/GalleryImages/Read", - "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "Microsoft.AzureStackHCI/NetworkInterfaces/Read", + "Microsoft.AzureStackHCI/VirtualHardDisks/Read", "Microsoft.AzureStackHCI/StorageContainers/Read", - "Microsoft.AzureStackHCI/StorageContainers/deploy/action", + "Microsoft.AzureStackHCI/GalleryImages/Read", "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", - "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", - "Microsoft.AzureStackHCI/Clusters/Read", - "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", + "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", + "Microsoft.HybridCompute/privateLinkScopes/read", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -1173280,55 +1173360,17 @@ "Microsoft.Insights/AlertRules/Throttled/Action", "Microsoft.Insights/AlertRules/Incidents/Read", "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/deployments/delete", - "Microsoft.Resources/deployments/cancel/action", - "Microsoft.Resources/deployments/validate/action", - "Microsoft.Resources/deployments/whatIf/action", "Microsoft.Resources/deployments/exportTemplate/action", "Microsoft.Resources/deployments/operations/read", "Microsoft.Resources/deployments/operationstatuses/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete", - "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.KubernetesConfiguration/extensions/read" + "Microsoft.Resources/subscriptions/operationresults/read" ], "condition": null, "conditionVersion": null, @@ -1173644,10 +1173686,10 @@ ] }, { - "description": "Allows receive access to event grid events.", + "description": "Can perform all actions required to create a resource deployment within a resource group.", "hasExternal": false, "hasUnknown": false, - "name": "EventGrid Data Receiver", + "name": "Azure AI Inference Deployment Operator", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1173839,73 +1173881,87 @@ "providerName": "Microsoft.Authorization" }, { - "description": "Read a eventSubscription", - "displayName": "Read EventSubscription", - "name": "Microsoft.EventGrid/eventSubscriptions/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "List global event subscriptions by topic type", - "displayName": "List global event subscriptions by topic type", - "name": "Microsoft.EventGrid/topictypes/eventSubscriptions/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "List regional event subscriptions", - "displayName": "List regional event subscriptions", - "name": "Microsoft.EventGrid/locations/eventSubscriptions/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "List regional event subscriptions by topictype", - "displayName": "List regional event subscriptions by topictype", - "name": "Microsoft.EventGrid/locations/topictypes/eventSubscriptions/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Read a namespace", - "displayName": "Read Namespace", - "name": "Microsoft.EventGrid/namespaces/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" - } - ], - "permittedDataActions": [ + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { - "description": "Receive events from namespace topics", - "displayName": "Receive events", - "name": "Microsoft.EventGrid/events/receive/action", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Create or update an autoscale setting", + "displayName": "Create or update autoscale setting", + "name": "Microsoft.Insights/AutoscaleSettings/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" } ], + "permittedDataActions": [], "rawPermissions": [ { "actions": [ "Microsoft.Authorization/*/read", - "Microsoft.EventGrid/eventSubscriptions/read", - "Microsoft.EventGrid/topicTypes/eventSubscriptions/read", - "Microsoft.EventGrid/locations/eventSubscriptions/read", - "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.EventGrid/namespaces/read" + "Microsoft.Resources/deployments/*", + "Microsoft.Insights/AutoscaleSettings/write" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.EventGrid/events/receive/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } @@ -1174212,46 +1174268,11 @@ ] }, { - "description": "View reviews for a workload and triage recommendations linked to them.", + "description": "Allows receive access to event grid events.", "hasExternal": false, "hasUnknown": false, - "name": "Advisor Reviews Contributor", + "name": "EventGrid Data Receiver", "permittedActions": [ - { - "description": "Read resiliencyReviews", - "displayName": "Reads resiliencyReviews", - "name": "Microsoft.Advisor/resiliencyReviews/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Read triageRecommendations", - "displayName": "Reads triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Approve triageRecommendations", - "displayName": "Approves triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/approve/action", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Reject triageRecommendations", - "displayName": "Rejects triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/reject/action", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Reset triageRecommendations", - "displayName": "Resets triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/reset/action", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1174442,116 +1174463,32 @@ "providerName": "Microsoft.Authorization" }, { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Read a eventSubscription", + "displayName": "Read EventSubscription", + "name": "Microsoft.EventGrid/eventSubscriptions/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" }, { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List global event subscriptions by topic type", + "displayName": "List global event subscriptions by topic type", + "name": "Microsoft.EventGrid/topictypes/eventSubscriptions/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" }, { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List regional event subscriptions", + "displayName": "List regional event subscriptions", + "name": "Microsoft.EventGrid/locations/eventSubscriptions/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" }, { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List regional event subscriptions by topictype", + "displayName": "List regional event subscriptions by topictype", + "name": "Microsoft.EventGrid/locations/topictypes/eventSubscriptions/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" }, { "description": "Gets or lists resource groups.", @@ -1174559,71 +1174496,50 @@ "name": "Microsoft.Resources/subscriptions/resourceGroups/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ + }, { - "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read", - "Microsoft.Advisor/triageRecommendations/approve/action", - "Microsoft.Advisor/triageRecommendations/reject/action", - "Microsoft.Advisor/triageRecommendations/reset/action", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] + "description": "Read a namespace", + "displayName": "Read Namespace", + "name": "Microsoft.EventGrid/namespaces/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" } - ] - }, - { - "description": "View reviews for a workload and recommendations linked to them.", - "hasExternal": false, - "hasUnknown": false, - "name": "Advisor Reviews Reader", - "permittedActions": [ - { - "description": "Read resiliencyReviews", - "displayName": "Reads resiliencyReviews", - "name": "Microsoft.Advisor/resiliencyReviews/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, + ], + "permittedDataActions": [ { - "description": "Read triageRecommendations", - "displayName": "Reads triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" + "description": "Receive events from namespace topics", + "displayName": "Receive events", + "name": "Microsoft.EventGrid/events/receive/action", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" } ], - "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read" + "Microsoft.Authorization/*/read", + "Microsoft.EventGrid/eventSubscriptions/read", + "Microsoft.EventGrid/topicTypes/eventSubscriptions/read", + "Microsoft.EventGrid/locations/eventSubscriptions/read", + "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.EventGrid/namespaces/read" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.EventGrid/events/receive/action" + ], "notActions": [], "notDataActions": [] } ] }, { - "description": "Can perform all actions required to create a resource deployment within a resource group.", + "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", "hasExternal": false, "hasUnknown": false, - "name": "Azure AI Inference Deployment Operator", + "name": "Connected Cluster Managed Identity CheckAccess Reader", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1174813,85 +1174729,49 @@ "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, + } + ], + "permittedDataActions": [], + "rawPermissions": [ { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, + "actions": [ + "Microsoft.Authorization/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "View reviews for a workload and recommendations linked to them.", + "hasExternal": false, + "hasUnknown": false, + "name": "Advisor Reviews Reader", + "permittedActions": [ { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Read resiliencyReviews", + "displayName": "Reads resiliencyReviews", + "name": "Microsoft.Advisor/resiliencyReviews/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" }, { - "description": "Create or update an autoscale setting", - "displayName": "Create or update autoscale setting", - "name": "Microsoft.Insights/AutoscaleSettings/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Read triageRecommendations", + "displayName": "Reads triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Insights/AutoscaleSettings/write" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read" ], "condition": null, "conditionVersion": null, @@ -1174902,11 +1174782,46 @@ ] }, { - "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", + "description": "View reviews for a workload and triage recommendations linked to them.", "hasExternal": false, "hasUnknown": false, - "name": "Connected Cluster Managed Identity CheckAccess Reader", + "name": "Advisor Reviews Contributor", "permittedActions": [ + { + "description": "Read resiliencyReviews", + "displayName": "Reads resiliencyReviews", + "name": "Microsoft.Advisor/resiliencyReviews/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Read triageRecommendations", + "displayName": "Reads triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Approve triageRecommendations", + "displayName": "Approves triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/approve/action", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Reject triageRecommendations", + "displayName": "Rejects triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/reject/action", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Reset triageRecommendations", + "displayName": "Resets triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/reset/action", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1175095,13 +1175010,140 @@ "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Authorization/*/read" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read", + "Microsoft.Advisor/triageRecommendations/approve/action", + "Microsoft.Advisor/triageRecommendations/reject/action", + "Microsoft.Advisor/triageRecommendations/reset/action", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -1177384,50 +1177426,6 @@ } ] }, - { - "description": "List cluster user credential action.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Service Hybrid Cluster User Role", - "permittedActions": [ - { - "description": "Gets the Hybrid AKS provisioned cluster instance", - "displayName": "provisionedClusterInstances_Get", - "name": "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "providerDisplayName": "Microsoft.HybridContainerService", - "providerName": "Microsoft.HybridContainerService" - }, - { - "description": "Lists the AAD user credentials of a provisioned cluster instance used only in direct mode.", - "displayName": "provisionedClusterInstances_ListUserKubeconfig", - "name": "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", - "providerDisplayName": "Microsoft.HybridContainerService", - "providerName": "Microsoft.HybridContainerService" - }, - { - "description": "Read connectedClusters", - "displayName": "Gets/List connectedClusters resources", - "name": "Microsoft.Kubernetes/connectedClusters/Read", - "providerDisplayName": "Microsoft.Kubernetes", - "providerName": "Microsoft.Kubernetes" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", - "Microsoft.Kubernetes/connectedClusters/Read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "List cluster admin credential action.", "hasExternal": false, @@ -1177691,6 +1177689,50 @@ } ] }, + { + "description": "List cluster user credential action.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Service Hybrid Cluster User Role", + "permittedActions": [ + { + "description": "Gets the Hybrid AKS provisioned cluster instance", + "displayName": "provisionedClusterInstances_Get", + "name": "Microsoft.HybridContainerService/provisionedClusterInstances/read", + "providerDisplayName": "Microsoft.HybridContainerService", + "providerName": "Microsoft.HybridContainerService" + }, + { + "description": "Lists the AAD user credentials of a provisioned cluster instance used only in direct mode.", + "displayName": "provisionedClusterInstances_ListUserKubeconfig", + "name": "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", + "providerDisplayName": "Microsoft.HybridContainerService", + "providerName": "Microsoft.HybridContainerService" + }, + { + "description": "Read connectedClusters", + "displayName": "Gets/List connectedClusters resources", + "name": "Microsoft.Kubernetes/connectedClusters/Read", + "providerDisplayName": "Microsoft.Kubernetes", + "providerName": "Microsoft.Kubernetes" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.HybridContainerService/provisionedClusterInstances/read", + "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", + "Microsoft.Kubernetes/connectedClusters/Read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Enclave Owner Role to access the resources of Microsoft.Mission stored with RPSAAS.", "hasExternal": false, @@ -1178233,25 +1178275,11 @@ ] }, { - "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", "hasExternal": false, "hasUnknown": true, - "name": "Enclave Contributor Role", + "name": "Community Reader Role", "permittedActions": [ - { - "description": "Register the subscription for Microsoft.Mission", - "displayName": "Register the Microsoft.Mission", - "name": "Microsoft.Mission/register/action", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, - { - "description": "Unregister the subscription for Microsoft.Mission", - "displayName": "Unregister the Microsoft.Mission", - "name": "Microsoft.Mission/unregister/action", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "read OperationStatuses", "displayName": "read_OperationStatuses", @@ -1178259,13 +1178287,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "write OperationStatuses", - "displayName": "write_OperationStatuses", - "name": "Microsoft.Mission/Locations/OperationStatuses/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "read Operations", "displayName": "read_Operations", @@ -1178302,9 +1178323,16 @@ "providerName": "Microsoft.Mission" }, { - "description": "Create a InternalConnection", - "displayName": "InternalConnections_CreateOrUpdate", - "name": "Microsoft.Mission/internalConnections/write", + "description": "List ExternalConnection resources by subscription ID", + "displayName": "ExternalConnections_ListBySubscription", + "name": "Microsoft.Mission/externalConnections/read", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, + { + "description": "Get a ExternalConnection", + "displayName": "ExternalConnections_Get", + "name": "Microsoft.Mission/externalConnections/read", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, @@ -1178322,13 +1178350,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EnclaveResource", - "displayName": "VirtualEnclave_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List EndpointResource resources by subscription ID", "displayName": "Endpoint_ListBySubscription", @@ -1178343,13 +1178364,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EndpointResource", - "displayName": "Endpoint_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/endpoints/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List WorkloadResource resources by subscription ID", "displayName": "Workload_ListBySubscription", @@ -1178364,13 +1178378,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a WorkloadResource", - "displayName": "Workload_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/workloads/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1178560,6 +1178567,20 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, { "description": "Read a classic metric alert", "displayName": "Read classic metric alert", @@ -1178567,6 +1178588,34 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, { "description": "Gets or lists deployments.", "displayName": "Get Deployment", @@ -1178581,6 +1178630,55 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets the list of subscriptions.", "displayName": "Get Subscriptions", @@ -1178672,13 +1178770,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EnclaveConnectionResource", - "displayName": "EnclaveConnection_CreateOrUpdate", - "name": "Microsoft.Mission/enclaveConnections/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List EnclaveEndpointResource resources by subscription ID", "displayName": "EnclaveEndpoints_ListBySubscription", @@ -1178693,52 +1178784,30 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EnclaveEndpointResource", - "displayName": "EnclaveEndpoints_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List ApprovalResource resources by parent", "displayName": "Approval_ListByParent", "name": "Microsoft.Mission/approvals/read", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" - }, - { - "description": "Create a ApprovalResource", - "displayName": "Approval_CreateOrUpdate", - "name": "Microsoft.Mission/approvals/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Mission/register/action", - "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", - "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", - "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/internalConnections/write", + "Microsoft.Mission/externalConnections/read", "Microsoft.Mission/virtualEnclaves/read", - "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", - "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", - "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -1178749,11 +1178818,8 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", - "Microsoft.Mission/enclaveConnections/write", "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", - "Microsoft.Mission/approvals/read", - "Microsoft.Mission/approvals/write" + "Microsoft.Mission/approvals/read" ], "condition": null, "conditionVersion": null, @@ -1178764,11 +1178830,25 @@ ] }, { - "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", "hasExternal": false, "hasUnknown": true, - "name": "Community Reader Role", + "name": "Enclave Contributor Role", "permittedActions": [ + { + "description": "Register the subscription for Microsoft.Mission", + "displayName": "Register the Microsoft.Mission", + "name": "Microsoft.Mission/register/action", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, + { + "description": "Unregister the subscription for Microsoft.Mission", + "displayName": "Unregister the Microsoft.Mission", + "name": "Microsoft.Mission/unregister/action", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "read OperationStatuses", "displayName": "read_OperationStatuses", @@ -1178776,6 +1178856,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "write OperationStatuses", + "displayName": "write_OperationStatuses", + "name": "Microsoft.Mission/Locations/OperationStatuses/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "read Operations", "displayName": "read_Operations", @@ -1178812,16 +1178899,9 @@ "providerName": "Microsoft.Mission" }, { - "description": "List ExternalConnection resources by subscription ID", - "displayName": "ExternalConnections_ListBySubscription", - "name": "Microsoft.Mission/externalConnections/read", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, - { - "description": "Get a ExternalConnection", - "displayName": "ExternalConnections_Get", - "name": "Microsoft.Mission/externalConnections/read", + "description": "Create a InternalConnection", + "displayName": "InternalConnections_CreateOrUpdate", + "name": "Microsoft.Mission/internalConnections/write", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, @@ -1178839,6 +1178919,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EnclaveResource", + "displayName": "VirtualEnclave_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List EndpointResource resources by subscription ID", "displayName": "Endpoint_ListBySubscription", @@ -1178853,6 +1178940,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EndpointResource", + "displayName": "Endpoint_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/endpoints/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List WorkloadResource resources by subscription ID", "displayName": "Workload_ListBySubscription", @@ -1178867,6 +1178961,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a WorkloadResource", + "displayName": "Workload_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/workloads/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1179056,20 +1179157,6 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, { "description": "Read a classic metric alert", "displayName": "Read classic metric alert", @@ -1179077,34 +1179164,6 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, { "description": "Gets or lists deployments.", "displayName": "Get Deployment", @@ -1179119,55 +1179178,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets the list of subscriptions.", "displayName": "Get Subscriptions", @@ -1179259,6 +1179269,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EnclaveConnectionResource", + "displayName": "EnclaveConnection_CreateOrUpdate", + "name": "Microsoft.Mission/enclaveConnections/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List EnclaveEndpointResource resources by subscription ID", "displayName": "EnclaveEndpoints_ListBySubscription", @@ -1179273,30 +1179290,52 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EnclaveEndpointResource", + "displayName": "EnclaveEndpoints_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List ApprovalResource resources by parent", "displayName": "Approval_ListByParent", "name": "Microsoft.Mission/approvals/read", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" + }, + { + "description": "Create a ApprovalResource", + "displayName": "Approval_CreateOrUpdate", + "name": "Microsoft.Mission/approvals/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.Mission/register/action", + "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", + "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", + "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/externalConnections/read", + "Microsoft.Mission/internalConnections/write", "Microsoft.Mission/virtualEnclaves/read", + "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", + "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", + "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -1179307,44 +1179346,11 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", + "Microsoft.Mission/enclaveConnections/write", "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", - "Microsoft.Mission/approvals/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Allows management of Encryption Scopes on a Storage Account", - "hasExternal": false, - "hasUnknown": false, - "name": "Storage Account Encryption Scope Contributor Role", - "permittedActions": [ - { - "description": null, - "displayName": null, - "name": "Microsoft.Storage/storageAccounts/encryptionScopes/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": null, - "displayName": null, - "name": "Microsoft.Storage/storageAccounts/encryptionScopes/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Storage/storageAccounts/encryptionScopes/read", - "Microsoft.Storage/storageAccounts/encryptionScopes/write" + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", + "Microsoft.Mission/approvals/read", + "Microsoft.Mission/approvals/write" ], "condition": null, "conditionVersion": null, @@ -1179392,6 +1179398,42 @@ } ] }, + { + "description": "Allows management of Encryption Scopes on a Storage Account", + "hasExternal": false, + "hasUnknown": false, + "name": "Storage Account Encryption Scope Contributor Role", + "permittedActions": [ + { + "description": null, + "displayName": null, + "name": "Microsoft.Storage/storageAccounts/encryptionScopes/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": null, + "displayName": null, + "name": "Microsoft.Storage/storageAccounts/encryptionScopes/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Storage/storageAccounts/encryptionScopes/read", + "Microsoft.Storage/storageAccounts/encryptionScopes/write" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.", "hasExternal": false, @@ -1180189,52 +1180231,6 @@ } ] }, - { - "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Spring Apps Application Configuration Service Log Reader Role", - "permittedActions": [ - { - "description": "Get Azure Spring Apps service instance(s)", - "displayName": "Get the details of an Azure Spring Apps service instance", - "name": "Microsoft.AppPlatform/Spring/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - }, - { - "description": "Get the Application Configuration Services for a specific Azure Spring Apps service instance", - "displayName": "Get Microsoft Azure Spring Apps Application Configuration Service", - "name": "Microsoft.AppPlatform/Spring/configurationServices/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - } - ], - "permittedDataActions": [ - { - "description": "Read the streaming log of all subcomponents in Application Configuration Service from a specific Azure Spring Apps service instance", - "displayName": "Get the streaming log of Application Configuration Service from Microsoft Azure Spring Apps", - "name": "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - } - ], - "rawPermissions": [ - { - "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/configurationServices/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", "hasExternal": false, @@ -1180281,34 +1180277,6 @@ } ] }, - { - "description": "Grants you access to take actions as an on-site person to assist in the provisioning of an edge device", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Edge On-Site Deployment Engineer", - "permittedActions": [ - { - "description": "List or get the OrderItem", - "displayName": "List or Get OrderItem", - "name": "Microsoft.EdgeOrder/orderItems/read", - "providerDisplayName": "Edge Ordering", - "providerName": "Microsoft.EdgeOrder" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.EdgeOrder/orderItems/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Allows for access to Azure API Center data plane read operations.", "hasExternal": false, @@ -1180373,6 +1180341,80 @@ } ] }, + { + "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Spring Apps Application Configuration Service Log Reader Role", + "permittedActions": [ + { + "description": "Get Azure Spring Apps service instance(s)", + "displayName": "Get the details of an Azure Spring Apps service instance", + "name": "Microsoft.AppPlatform/Spring/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + }, + { + "description": "Get the Application Configuration Services for a specific Azure Spring Apps service instance", + "displayName": "Get Microsoft Azure Spring Apps Application Configuration Service", + "name": "Microsoft.AppPlatform/Spring/configurationServices/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + } + ], + "permittedDataActions": [ + { + "description": "Read the streaming log of all subcomponents in Application Configuration Service from a specific Azure Spring Apps service instance", + "displayName": "Get the streaming log of Application Configuration Service from Microsoft Azure Spring Apps", + "name": "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + } + ], + "rawPermissions": [ + { + "actions": [ + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/configurationServices/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants you access to take actions as an on-site person to assist in the provisioning of an edge device", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Edge On-Site Deployment Engineer", + "permittedActions": [ + { + "description": "List or get the OrderItem", + "displayName": "List or Get OrderItem", + "name": "Microsoft.EdgeOrder/orderItems/read", + "providerDisplayName": "Edge Ordering", + "providerName": "Microsoft.EdgeOrder" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.EdgeOrder/orderItems/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "built-in role for azure impact-insight read access", "hasExternal": false, @@ -1180854,71 +1180896,239 @@ ] }, { - "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", + "description": "Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Red Hat OpenShift Cloud Controller Manager Role", + "name": "Azure Red Hat OpenShift Image Registry Operator Role", "permittedActions": [ { - "description": "Get the properties of a virtual machine", - "displayName": "Get Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" + "description": "List blob services", + "displayName": "List Blob Services", + "name": "Microsoft.Storage/storageAccounts/blobServices/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" }, { - "description": "Gets a load balancer definition", - "displayName": "Get Load Balancer", - "name": "Microsoft.Network/loadBalancers/read", + "description": "Returns a container", + "displayName": "Get blob container", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the result of patch blob container", + "displayName": "Patch blob container", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns a user delegation key for the blob service", + "displayName": "Generate a user delegation key", + "name": "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", + "displayName": "List/Get Storage Account(s)", + "name": "Microsoft.Storage/storageAccounts/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", + "displayName": "Create/Update Storage Account", + "name": "Microsoft.Storage/storageAccounts/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Deletes an existing storage account.", + "displayName": "Delete Storage Account", + "name": "Microsoft.Storage/storageAccounts/delete", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the access keys for the specified storage account.", + "displayName": "List Storage Account Keys", + "name": "Microsoft.Storage/storageAccounts/listkeys/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Updates the tags on a resource by replacing or merging existing tags with a new set of tags, or removing existing tags.", + "displayName": "Write tags", + "name": "Microsoft.Resources/tags/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [ + { + "description": "Returns the result of deleting a blob", + "displayName": "Delete blob", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the result of writing a blob", + "displayName": "Write Blob", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns a blob or a list of blobs", + "displayName": "Read Blob", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the result of adding blob content", + "displayName": "Add blob content", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Moves the blob from one path to another", + "displayName": "Move blobs", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + } + ], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Storage/storageAccounts/blobServices/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Storage/storageAccounts/delete", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Resources/tags/write" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action", + "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Red Hat OpenShift Service Operator Role", + "permittedActions": [ + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a load balancer or updates an existing load balancer", - "displayName": "Create or Update Load Balancer", - "name": "Microsoft.Network/loadBalancers/write", + "description": "Creates a virtual network subnet or updates an existing virtual network subnet", + "displayName": "Create or Update Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Gets a network interface definition. ", - "displayName": "Get Network Interface", - "name": "Microsoft.Network/networkInterfaces/read", + "description": "Joins a NAT Gateway", + "displayName": "Join NAT Gateway", + "name": "Microsoft.Network/natGateways/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Gets a network security group definition", - "displayName": "Get Network Security Group", - "name": "Microsoft.Network/networkSecurityGroups/read", + "description": "Joins a route table. Not Alertable.", + "displayName": "Join Route Table.", + "name": "Microsoft.Network/routeTables/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a network security group or updates an existing network security group", - "displayName": "Create or Update Network Security Group", - "name": "Microsoft.Network/networkSecurityGroups/write", + "description": "Joins a network security group. Not Alertable.", + "displayName": "Join Network Security Group.", + "name": "Microsoft.Network/networkSecurityGroups/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a public ip address. Not Alertable.", - "displayName": "Join Public Ip Address.", - "name": "Microsoft.Network/publicIPAddresses/join/action", + "description": "Returns the access keys for the specified storage account.", + "displayName": "List Storage Account Keys", + "name": "Microsoft.Storage/storageAccounts/listkeys/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", + "displayName": "List/Get Storage Account(s)", + "name": "Microsoft.Storage/storageAccounts/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/natGateways/join/action", + "Microsoft.Network/routeTables/join/action", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Enables permissions to install and upgrade the networking components on an OpenShift cluster.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Red Hat OpenShift Network Operator Role", + "permittedActions": [ + { + "description": "Gets a network interface definition. ", + "displayName": "Get Network Interface", + "name": "Microsoft.Network/networkInterfaces/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Gets a public ip address definition.", - "displayName": "Get Public Ip Address", - "name": "Microsoft.Network/publicIPAddresses/read", + "description": "Creates a network interface or updates an existing network interface. ", + "displayName": "Create or Update Network Interface", + "name": "Microsoft.Network/networkInterfaces/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a public Ip address or updates an existing public Ip address. ", - "displayName": "Create or Update Public Ip Address", - "name": "Microsoft.Network/publicIPAddresses/write", + "description": "Get the virtual network definition", + "displayName": "Get Virtual Network", + "name": "Microsoft.Network/virtualNetworks/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, @@ -1180929,13 +1181139,6 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, - { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, { "description": "Joins a load balancer backend address pool. Not Alertable.", "displayName": "Join Load Balancer Backend Address Pool.", @@ -1180944,30 +1181147,23 @@ "providerName": "Microsoft.Network" }, { - "description": "Creates a network interface or updates an existing network interface. ", - "displayName": "Create or Update Network Interface", - "name": "Microsoft.Network/networkInterfaces/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Get the properties of a virtual machine", + "displayName": "Get Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Network/loadBalancers/read", - "Microsoft.Network/loadBalancers/write", "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkSecurityGroups/read", - "Microsoft.Network/networkSecurityGroups/write", - "Microsoft.Network/publicIPAddresses/join/action", - "Microsoft.Network/publicIPAddresses/read", - "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/virtualNetworks/subnets/read", "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Network/networkInterfaces/write" + "Microsoft.Compute/virtualMachines/read" ], "condition": null, "conditionVersion": null, @@ -1181110,64 +1181306,48 @@ ] }, { - "description": "Enables permissions to install and upgrade the networking components on an OpenShift cluster.", + "description": "Enables permissions for the operator to configure and manage the OpenShift router.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Red Hat OpenShift Network Operator Role", + "name": "Azure Red Hat OpenShift Cluster Ingress Operator Role", "permittedActions": [ { - "description": "Gets a network interface definition. ", - "displayName": "Get Network Interface", - "name": "Microsoft.Network/networkInterfaces/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a network interface or updates an existing network interface. ", - "displayName": "Create or Update Network Interface", - "name": "Microsoft.Network/networkInterfaces/write", + "description": "Remove the record set of a given name and type \u2018A\u2019 from a DNS zone.", + "displayName": "Delete record set of type A", + "name": "Microsoft.Network/dnszones/A/delete", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Get the virtual network definition", - "displayName": "Get Virtual Network", - "name": "Microsoft.Network/virtualNetworks/read", + "description": "Create or update a record set of type \u2018A\u2019 within a DNS zone. The records specified will replace the current records in the record set.", + "displayName": "Create or update record set of type A", + "name": "Microsoft.Network/dnszones/A/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a virtual network. Not Alertable.", - "displayName": "Join Virtual Network.", - "name": "Microsoft.Network/virtualNetworks/subnets/join/action", + "description": "Remove the record set of a given name and type \u2018A\u2019 from a Private DNS zone.", + "displayName": "Delete record set of type A", + "name": "Microsoft.Network/privateDnsZones/A/delete", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a load balancer backend address pool. Not Alertable.", - "displayName": "Join Load Balancer Backend Address Pool.", - "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "description": "Create or update a record set of type \u2018A\u2019 within a Private DNS zone. The records specified will replace the current records in the record set.", + "displayName": "Create or update record set of type A", + "name": "Microsoft.Network/privateDnsZones/A/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" - }, - { - "description": "Get the properties of a virtual machine", - "displayName": "Get Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/write", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Compute/virtualMachines/read" + "Microsoft.Network/dnsZones/A/delete", + "Microsoft.Network/dnsZones/A/write", + "Microsoft.Network/privateDnsZones/A/delete", + "Microsoft.Network/privateDnsZones/A/write" ], "condition": null, "conditionVersion": null, @@ -1181177,140 +1181357,6 @@ } ] }, - { - "description": "Enables permissions for the operator to manage a singleton instance of the OpenShift image registry. It manages all configuration of the registry, including creating storage.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Red Hat OpenShift Image Registry Operator Role", - "permittedActions": [ - { - "description": "List blob services", - "displayName": "List Blob Services", - "name": "Microsoft.Storage/storageAccounts/blobServices/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns a container", - "displayName": "Get blob container", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the result of patch blob container", - "displayName": "Patch blob container", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns a user delegation key for the blob service", - "displayName": "Generate a user delegation key", - "name": "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", - "displayName": "List/Get Storage Account(s)", - "name": "Microsoft.Storage/storageAccounts/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", - "displayName": "Create/Update Storage Account", - "name": "Microsoft.Storage/storageAccounts/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Deletes an existing storage account.", - "displayName": "Delete Storage Account", - "name": "Microsoft.Storage/storageAccounts/delete", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the access keys for the specified storage account.", - "displayName": "List Storage Account Keys", - "name": "Microsoft.Storage/storageAccounts/listkeys/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Updates the tags on a resource by replacing or merging existing tags with a new set of tags, or removing existing tags.", - "displayName": "Write tags", - "name": "Microsoft.Resources/tags/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [ - { - "description": "Returns the result of deleting a blob", - "displayName": "Delete blob", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the result of writing a blob", - "displayName": "Write Blob", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns a blob or a list of blobs", - "displayName": "Read Blob", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the result of adding blob content", - "displayName": "Add blob content", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Moves the blob from one path to another", - "displayName": "Move blobs", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - } - ], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Storage/storageAccounts/blobServices/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/write", - "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", - "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Storage/storageAccounts/delete", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Resources/tags/write" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action", - "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use Azure Files.", "hasExternal": false, @@ -1181420,72 +1181466,120 @@ ] }, { - "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", + "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Red Hat OpenShift Service Operator Role", + "name": "Azure Red Hat OpenShift Cloud Controller Manager Role", "permittedActions": [ { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", + "description": "Get the properties of a virtual machine", + "displayName": "Get Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Gets a load balancer definition", + "displayName": "Get Load Balancer", + "name": "Microsoft.Network/loadBalancers/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a virtual network subnet or updates an existing virtual network subnet", - "displayName": "Create or Update Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/write", + "description": "Creates a load balancer or updates an existing load balancer", + "displayName": "Create or Update Load Balancer", + "name": "Microsoft.Network/loadBalancers/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a NAT Gateway", - "displayName": "Join NAT Gateway", - "name": "Microsoft.Network/natGateways/join/action", + "description": "Gets a network interface definition. ", + "displayName": "Get Network Interface", + "name": "Microsoft.Network/networkInterfaces/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a route table. Not Alertable.", - "displayName": "Join Route Table.", - "name": "Microsoft.Network/routeTables/join/action", + "description": "Gets a network security group definition", + "displayName": "Get Network Security Group", + "name": "Microsoft.Network/networkSecurityGroups/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a network security group. Not Alertable.", - "displayName": "Join Network Security Group.", - "name": "Microsoft.Network/networkSecurityGroups/join/action", + "description": "Creates a network security group or updates an existing network security group", + "displayName": "Create or Update Network Security Group", + "name": "Microsoft.Network/networkSecurityGroups/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Returns the access keys for the specified storage account.", - "displayName": "List Storage Account Keys", - "name": "Microsoft.Storage/storageAccounts/listkeys/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" + "description": "Joins a public ip address. Not Alertable.", + "displayName": "Join Public Ip Address.", + "name": "Microsoft.Network/publicIPAddresses/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" }, { - "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", - "displayName": "List/Get Storage Account(s)", - "name": "Microsoft.Storage/storageAccounts/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" + "description": "Gets a public ip address definition.", + "displayName": "Get Public Ip Address", + "name": "Microsoft.Network/publicIPAddresses/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a public Ip address or updates an existing public Ip address. ", + "displayName": "Create or Update Public Ip Address", + "name": "Microsoft.Network/publicIPAddresses/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a virtual network. Not Alertable.", + "displayName": "Join Virtual Network.", + "name": "Microsoft.Network/virtualNetworks/subnets/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a load balancer backend address pool. Not Alertable.", + "displayName": "Join Load Balancer Backend Address Pool.", + "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a network interface or updates an existing network interface. ", + "displayName": "Create or Update Network Interface", + "name": "Microsoft.Network/networkInterfaces/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/write", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", - "Microsoft.Network/natGateways/join/action", - "Microsoft.Network/routeTables/join/action", - "Microsoft.Network/networkSecurityGroups/join/action", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/read" + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/networkInterfaces/write" ], "condition": null, "conditionVersion": null, @@ -1181771,58 +1181865,6 @@ } ] }, - { - "description": "Enables permissions for the operator to configure and manage the OpenShift router.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Red Hat OpenShift Cluster Ingress Operator Role", - "permittedActions": [ - { - "description": "Remove the record set of a given name and type \u2018A\u2019 from a DNS zone.", - "displayName": "Delete record set of type A", - "name": "Microsoft.Network/dnszones/A/delete", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Create or update a record set of type \u2018A\u2019 within a DNS zone. The records specified will replace the current records in the record set.", - "displayName": "Create or update record set of type A", - "name": "Microsoft.Network/dnszones/A/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Remove the record set of a given name and type \u2018A\u2019 from a Private DNS zone.", - "displayName": "Delete record set of type A", - "name": "Microsoft.Network/privateDnsZones/A/delete", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Create or update a record set of type \u2018A\u2019 within a Private DNS zone. The records specified will replace the current records in the record set.", - "displayName": "Create or update record set of type A", - "name": "Microsoft.Network/privateDnsZones/A/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Network/dnsZones/A/delete", - "Microsoft.Network/dnsZones/A/write", - "Microsoft.Network/privateDnsZones/A/delete", - "Microsoft.Network/privateDnsZones/A/write" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Allows user read and write access to Azure Sphere resources and RBAC configuration, includes an ABAC condition to constrain role assignments.", "hasExternal": false, @@ -1182835,6 +1182877,288 @@ } ] }, + { + "description": "Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", + "hasExternal": false, + "hasUnknown": false, + "name": "GroupQuota Reader", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Get the current Service limit or quota of the specified resource", + "displayName": "Get resource Quota limit", + "name": "Microsoft.Quota/quotas/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Get the usages for resource providers", + "displayName": "Get the usages for providers", + "name": "Microsoft.Quota/usages/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Get any service limit request for the specified resource", + "displayName": "Get Quota limit request", + "name": "Microsoft.Quota/quotaRequests/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Register the subscription with Microsoft.Quota Resource Provider", + "displayName": "Register the subscription with Microsoft.Quota Resource Provider", + "name": "Microsoft.Quota/register/action", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Get the GroupQuota", + "displayName": "Get GroupQuota resource", + "name": "Microsoft.Quota/groupQuotas/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Get the GroupQuota subscriptions", + "displayName": "Get GroupQuota subscriptions", + "name": "Microsoft.Quota/groupQuotas/subscriptions/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Get the current GroupQuota of the specified resource", + "displayName": "Get GroupQuota resource Quota limit", + "name": "Microsoft.Quota/groupQuotas/groupQuotaLimits/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + }, + { + "description": "Get the current GroupQuota to Subscription Quota allocation", + "displayName": "Get GroupQuota to Subscription Quota allocation", + "name": "Microsoft.Quota/groupQuotas/quotaAllocations/read", + "providerDisplayName": "Microsoft.Quota", + "providerName": "Microsoft.Quota" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/read", + "MICROSOFT.QUOTA/QUOTAS/READ", + "MICROSOFT.QUOTA/USAGES/READ", + "MICROSOFT.QUOTA/QUOTAREQUESTS/READ", + "MICROSOFT.QUOTA/REGISTER/ACTION", + "Microsoft.Quota/GROUPQUOTAS/READ", + "Microsoft.Quota/GROUPQUOTAS/subscriptions/READ", + "Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ", + "Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Read and create GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", "hasExternal": false, @@ -1183151,288 +1183475,6 @@ } ] }, - { - "description": "Read GroupQuota requests, get GroupQuota request status, and get groupQuotaLimits.", - "hasExternal": false, - "hasUnknown": false, - "name": "GroupQuota Reader", - "permittedActions": [ - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Get the current Service limit or quota of the specified resource", - "displayName": "Get resource Quota limit", - "name": "Microsoft.Quota/quotas/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Get the usages for resource providers", - "displayName": "Get the usages for providers", - "name": "Microsoft.Quota/usages/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Get any service limit request for the specified resource", - "displayName": "Get Quota limit request", - "name": "Microsoft.Quota/quotaRequests/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Register the subscription with Microsoft.Quota Resource Provider", - "displayName": "Register the subscription with Microsoft.Quota Resource Provider", - "name": "Microsoft.Quota/register/action", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Get the GroupQuota", - "displayName": "Get GroupQuota resource", - "name": "Microsoft.Quota/groupQuotas/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Get the GroupQuota subscriptions", - "displayName": "Get GroupQuota subscriptions", - "name": "Microsoft.Quota/groupQuotas/subscriptions/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Get the current GroupQuota of the specified resource", - "displayName": "Get GroupQuota resource Quota limit", - "name": "Microsoft.Quota/groupQuotas/groupQuotaLimits/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - }, - { - "description": "Get the current GroupQuota to Subscription Quota allocation", - "displayName": "Get GroupQuota to Subscription Quota allocation", - "name": "Microsoft.Quota/groupQuotas/quotaAllocations/read", - "providerDisplayName": "Microsoft.Quota", - "providerName": "Microsoft.Quota" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/read", - "MICROSOFT.QUOTA/QUOTAS/READ", - "MICROSOFT.QUOTA/USAGES/READ", - "MICROSOFT.QUOTA/QUOTAREQUESTS/READ", - "MICROSOFT.QUOTA/REGISTER/ACTION", - "Microsoft.Quota/GROUPQUOTAS/READ", - "Microsoft.Quota/GROUPQUOTAS/subscriptions/READ", - "Microsoft.Quota/GROUPQUOTAS/groupQuotaLimits/READ", - "Microsoft.Quota/GROUPQUOTAS/quotaAllocations/READ" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Provide access to Smart Boundary Solution by Bayer Ag Powered Services", "hasExternal": false, @@ -1184767,16 +1184809,16 @@ ] }, { - "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", + "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", "hasExternal": false, "hasUnknown": false, - "name": "Health Bot Editor", + "name": "Health Bot Reader", "permittedActions": [], "permittedDataActions": [ { - "description": "Sign in to the management portal, view and edit all the bot resources, scenarios and configuration settings except for the bot instance keys & secrets and the end-user inputs. Read-only access to the bot skills and channels.", - "displayName": "Healthbot configuration editor", - "name": "Microsoft.HealthBot/healthBots/Editor/Action", + "description": "Sign in to the management portal, with read-only access to resources, scenarios and configuration settings except for the bot instance keys & secrets and the end-user inputs.", + "displayName": "Healthbot configuration reader", + "name": "Microsoft.HealthBot/healthBots/Reader/Action", "providerDisplayName": "Microsoft.HealthBot", "providerName": "Microsoft.HealthBot" } @@ -1184787,7 +1184829,7 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Editor/Action" + "Microsoft.HealthBot/healthBots/Reader/Action" ], "notActions": [], "notDataActions": [] @@ -1184795,16 +1184837,16 @@ ] }, { - "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", + "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", "hasExternal": false, "hasUnknown": false, - "name": "Health Bot Reader", + "name": "Health Bot Admin", "permittedActions": [], "permittedDataActions": [ { - "description": "Sign in to the management portal, with read-only access to resources, scenarios and configuration settings except for the bot instance keys & secrets and the end-user inputs.", - "displayName": "Healthbot configuration reader", - "name": "Microsoft.HealthBot/healthBots/Reader/Action", + "description": "Sign in to the management portal, view and edit all of the bot resources, scenarios, configuration settings, instance keys & secrets.", + "displayName": "Healthbot configuration admin", + "name": "Microsoft.HealthBot/healthBots/Admin/Action", "providerDisplayName": "Microsoft.HealthBot", "providerName": "Microsoft.HealthBot" } @@ -1184815,7 +1184857,35 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Reader/Action" + "Microsoft.HealthBot/healthBots/Admin/Action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", + "hasExternal": false, + "hasUnknown": false, + "name": "Health Bot Editor", + "permittedActions": [], + "permittedDataActions": [ + { + "description": "Sign in to the management portal, view and edit all the bot resources, scenarios and configuration settings except for the bot instance keys & secrets and the end-user inputs. Read-only access to the bot skills and channels.", + "displayName": "Healthbot configuration editor", + "name": "Microsoft.HealthBot/healthBots/Editor/Action", + "providerDisplayName": "Microsoft.HealthBot", + "providerName": "Microsoft.HealthBot" + } + ], + "rawPermissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.HealthBot/healthBots/Editor/Action" ], "notActions": [], "notDataActions": [] @@ -1185115,34 +1185185,6 @@ } ] }, - { - "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", - "hasExternal": false, - "hasUnknown": false, - "name": "Health Bot Admin", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Sign in to the management portal, view and edit all of the bot resources, scenarios, configuration settings, instance keys & secrets.", - "displayName": "Healthbot configuration admin", - "name": "Microsoft.HealthBot/healthBots/Admin/Action", - "providerDisplayName": "Microsoft.HealthBot", - "providerName": "Microsoft.HealthBot" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.HealthBot/healthBots/Admin/Action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Can approve private endpoint connections to Azure AI common dependency resources", "hasExternal": false, @@ -1189476,6 +1189518,155 @@ } ] }, + { + "description": "Allows managing API compliance in Azure API Center service.", + "hasExternal": false, + "hasUnknown": true, + "name": "Azure API Center Compliance Manager", + "permittedActions": [ + { + "description": "Returns the details of the specified API.", + "displayName": "Get API", + "name": "Microsoft.ApiCenter/services/workspaces/apis/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns the details of the specified API version.", + "displayName": "Get Api version", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns paginated collection of metadataSchemas.", + "displayName": "List metadataSchemas", + "name": "Microsoft.ApiCenter/services/metadataSchemas/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Checks if specified metadataSchema exists", + "displayName": "Checks metadataSchema exists", + "name": "Microsoft.ApiCenter/services/metadataSchemas/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns paginated collection of workspaces.", + "displayName": "List workspaces", + "name": "Microsoft.ApiCenter/services/workspaces/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Checks if specified workspace exists", + "displayName": "Checks workspace exists", + "name": "Microsoft.ApiCenter/services/workspaces/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns the details of the specified API definition.", + "displayName": "Get API definition", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns the details of the specified API deployment.", + "displayName": "Get API Deployment", + "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Checks status of individual import operation", + "displayName": "Import API definition status check", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/operationResults/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Checks status of a long running operation", + "displayName": "Operation result status check", + "name": "Microsoft.ApiCenter/services/operationResults/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns paginated collection of the Event Grid filters.", + "displayName": "List Event Grid filter", + "name": "Microsoft.ApiCenter/services/eventGridFilters/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns analysis report for specified API definition.", + "displayName": "Get API definition analysis report", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/analysisResults/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Get a certain analysis report of an API Center instance", + "displayName": "Read analysis report of an API Center instance", + "name": "Microsoft.ApiCenter/services/analysisReports/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "List API Sources inside a catalog.", + "displayName": "List API sources", + "name": "Microsoft.ApiCenter/services/workspaces/apiSources/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns the details of the specified analyzer configuration.", + "displayName": "Get analyzer configuration", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Checks status of individual import ruleset operation", + "displayName": "Import ruleset status check", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/operationResults/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Get analysis executions of a particular analyzer configuration", + "displayName": "Read analysis executions of a particular analyzer configuration", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfig/analysisExecutions/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Updates analysis results for specified API definition.", + "displayName": "Update API definition analysis state", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ApiCenter/services/*/read", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Allows read-only access to Azure API Center service.", "hasExternal": false, @@ -1189937,280 +1190128,6 @@ } ] }, - { - "description": "Allows managing API compliance in Azure API Center service.", - "hasExternal": false, - "hasUnknown": true, - "name": "Azure API Center Compliance Manager", - "permittedActions": [ - { - "description": "Returns the details of the specified API.", - "displayName": "Get API", - "name": "Microsoft.ApiCenter/services/workspaces/apis/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified API version.", - "displayName": "Get Api version", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns paginated collection of metadataSchemas.", - "displayName": "List metadataSchemas", - "name": "Microsoft.ApiCenter/services/metadataSchemas/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks if specified metadataSchema exists", - "displayName": "Checks metadataSchema exists", - "name": "Microsoft.ApiCenter/services/metadataSchemas/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns paginated collection of workspaces.", - "displayName": "List workspaces", - "name": "Microsoft.ApiCenter/services/workspaces/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks if specified workspace exists", - "displayName": "Checks workspace exists", - "name": "Microsoft.ApiCenter/services/workspaces/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified API definition.", - "displayName": "Get API definition", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified API deployment.", - "displayName": "Get API Deployment", - "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks status of individual import operation", - "displayName": "Import API definition status check", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/operationResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks status of a long running operation", - "displayName": "Operation result status check", - "name": "Microsoft.ApiCenter/services/operationResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns paginated collection of the Event Grid filters.", - "displayName": "List Event Grid filter", - "name": "Microsoft.ApiCenter/services/eventGridFilters/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns analysis report for specified API definition.", - "displayName": "Get API definition analysis report", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/analysisResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Get a certain analysis report of an API Center instance", - "displayName": "Read analysis report of an API Center instance", - "name": "Microsoft.ApiCenter/services/analysisReports/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "List API Sources inside a catalog.", - "displayName": "List API sources", - "name": "Microsoft.ApiCenter/services/workspaces/apiSources/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified analyzer configuration.", - "displayName": "Get analyzer configuration", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks status of individual import ruleset operation", - "displayName": "Import ruleset status check", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/operationResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Get analysis executions of a particular analyzer configuration", - "displayName": "Read analysis executions of a particular analyzer configuration", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfig/analysisExecutions/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Updates analysis results for specified API definition.", - "displayName": "Update API definition analysis state", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Provide access to Historical Weather Data Solution by Bayer Ag Powered Services", - "hasExternal": false, - "hasUnknown": false, - "name": "Bayer Ag Powered Services Historical Weather Data Solution User Role", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Gets or Lists existing AgFoodPlatform parties resource(s).", - "displayName": "Get or List AgFoodPlatform parties resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform fields resource(s).", - "displayName": "Get or List AgFoodPlatform fields resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform fields.", - "displayName": "Create or Update AgFoodPlatform fields.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform farms resource(s).", - "displayName": "Get or List AgFoodPlatform farms resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform farms.", - "displayName": "Create or Update AgFoodPlatform farms.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform insights resource(s).", - "displayName": "Get or List AgFoodPlatform insights resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform insights.", - "displayName": "Create or Update AgFoodPlatform insights.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Deletes an existing AgFoodPlatform insights resource.", - "displayName": "Delete AgFoodPlatform insights resource.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/delete", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "List(s) existing AgFoodPlatform insight resource(s).", - "displayName": "List AgFoodPlatform insight resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/list/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform insight attachments resource(s).", - "displayName": "Get or List AgFoodPlatform insight attachments resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform insight attachments.", - "displayName": "Create or Update AgFoodPlatform insight attachments.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Deletes an existing AgFoodPlatform insight attachments resource.", - "displayName": "Delete AgFoodPlatform insight attachments resource.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/delete", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "List(s) existing AgFoodPlatform insight attachment resource(s).", - "displayName": "List AgFoodPlatform insight attachment resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/list/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "insights Download", - "displayName": "insights Download", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/download/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.AgFoodPlatform/farmBeats/parties/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Grants full access to manage all VmCluster resources", "hasExternal": true, @@ -1190488,11 +1190405,74 @@ ] }, { - "description": "Grants read access to all Oracle.Database resources", + "description": "Grants full access to manage all Exadata Infrastructure resources", "hasExternal": true, "hasUnknown": true, - "name": "Oracle.Database Reader Built-in Role", + "name": "Oracle.Database Exadata Infrastructure Administrator Built-in Role", "permittedActions": [ + { + "description": "List DbServer resources by CloudExadataInfrastructure", + "displayName": "DbServers_ListByCloudExadataInfrastructure", + "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbNode resources by CloudVmCluster", + "displayName": "DbNodes_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/dbNodes/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List VirtualNetworkAddress resources by CloudVmCluster", + "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Create a VirtualNetworkAddress", + "displayName": "VirtualNetworkAddresses_CreateOrUpdate", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/write", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Delete a VirtualNetworkAddress", + "displayName": "VirtualNetworkAddresses_Delete", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/delete", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Add VMs to the VM Cluster", + "displayName": "CloudVmClusters_AddVms", + "name": "Oracle.Database/cloudVmClusters/addVms/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List Private IP Addresses by the provided filter", + "displayName": "CloudVmClusters_ListPrivateIpAddresses", + "name": "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Remove VMs from the VM Cluster", + "displayName": "CloudVmClusters_RemoveVms", + "name": "Oracle.Database/cloudVmClusters/removeVms/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "VM actions on DbNode of VM Cluster by the provided filter", + "displayName": "DbNodes_Action", + "name": "Oracle.Database/cloudVmClusters/dbNodes/action/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, { "description": "read OperationStatuses", "displayName": "read_OperationStatuses", @@ -1190557,37 +1190537,16 @@ "providerName": "Oracle.Database" }, { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Oracle.Database/Operations/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbServer resources by CloudExadataInfrastructure", - "displayName": "DbServers_ListByCloudExadataInfrastructure", - "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbNode resources by CloudVmCluster", - "displayName": "DbNodes_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/dbNodes/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List VirtualNetworkAddress resources by CloudVmCluster", - "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", + "description": "write OperationStatuses", + "displayName": "write_OperationStatuses", + "name": "Oracle.Database/Locations/OperationStatuses/write", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, { - "description": "List Private IP Addresses by the provided filter", - "displayName": "CloudVmClusters_ListPrivateIpAddresses", - "name": "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", + "description": "read Operations", + "displayName": "read_Operations", + "name": "Oracle.Database/Operations/read", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, @@ -1190605,20 +1190564,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets a virtual network subnet definition", "displayName": "Get Virtual Network Subnet", @@ -1190626,6 +1190571,13 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Creates a virtual network subnet or updates an existing virtual network subnet", + "displayName": "Create or Update Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the virtual network definition", "displayName": "Get Virtual Network", @@ -1190702,25 +1190654,258 @@ "name": "Microsoft.Resources/deployments/operationstatuses/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" + }, + { + "description": "Get the properties of an SSH public key", + "displayName": "Get SSH Public Key", + "name": "Microsoft.Compute/sshPublicKeys/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Creates a new SSH public key or updates an existing SSH public key", + "displayName": "Create or Update SSH Public Key", + "name": "Microsoft.Compute/sshPublicKeys/write", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Generates a new SSH public/private key pair", + "displayName": "Generate SSH Key Pair", + "name": "Microsoft.Compute/sshPublicKeys/generateKeyPair/action", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudExadataInfrastructures/*/write", + "Oracle.Database/cloudExadataInfrastructures/*/delete", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/*/write", + "Oracle.Database/cloudVmClusters/*/delete", + "Oracle.Database/cloudVmClusters/*/action", "Oracle.Database/Locations/*/read", + "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/cloudExadataInfrastructures/*/read", - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*/read", "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*" + "Microsoft.Resources/deployments/*", + "Microsoft.Compute/sshPublicKeys/read", + "Microsoft.Compute/sshPublicKeys/write", + "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants full access to manage all Oracle Subscriptions resources", + "hasExternal": true, + "hasUnknown": true, + "name": "Oracle Subscriptions Manager Built-in Role", + "permittedActions": [ + { + "description": "Add Azure Subscriptions", + "displayName": "OracleSubscriptions_AddAzureSubscriptions", + "name": "Oracle.Database/oracleSubscriptions/addAzureSubscriptions/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List Activation Links", + "displayName": "OracleSubscriptions_ListActivationLinks", + "name": "Oracle.Database/oracleSubscriptions/listActivationLinks/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List Cloud Account Details", + "displayName": "OracleSubscriptions_ListCloudAccountDetails", + "name": "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List Saas Subscription Details", + "displayName": "OracleSubscriptions_ListSaasSubscriptionDetails", + "name": "Oracle.Database/oracleSubscriptions/listSaasSubscriptionDetails/action", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "read OperationStatuses", + "displayName": "read_OperationStatuses", + "name": "Oracle.Database/Locations/OperationStatuses/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List GiVersion resources by Location", + "displayName": "GiVersions_ListByLocation", + "name": "Oracle.Database/locations/giVersions/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbSystemShape resources by Location", + "displayName": "DbSystemShapes_ListByLocation", + "name": "Oracle.Database/locations/dbSystemShapes/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DnsPrivateView resources by Location", + "displayName": "DnsPrivateViews_ListByLocation", + "name": "Oracle.Database/locations/dnsPrivateViews/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DnsPrivateZone resources by Location", + "displayName": "DnsPrivateZones_ListByLocation", + "name": "Oracle.Database/locations/dnsPrivateZones/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List AutonomousDatabaseCharacterSet resources by Location", + "displayName": "AutonomousDatabaseCharacterSets_ListByLocation", + "name": "Oracle.Database/locations/autonomousDatabaseCharacterSets/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List AutonomousDatabaseNationalCharacterSet resources by Location", + "displayName": "AutonomousDatabaseNationalCharacterSets_ListByLocation", + "name": "Oracle.Database/locations/autonomousDatabaseNationalCharacterSets/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List AutonomousDbVersion resources by Location", + "displayName": "AutonomousDatabaseVersions_ListByLocation", + "name": "Oracle.Database/locations/autonomousDbVersions/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List SystemVersion resources by Location", + "displayName": "SystemVersions_ListByLocation", + "name": "Oracle.Database/locations/systemVersions/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "write OperationStatuses", + "displayName": "write_OperationStatuses", + "name": "Oracle.Database/Locations/OperationStatuses/write", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "read Operations", + "displayName": "read_Operations", + "name": "Oracle.Database/Operations/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/oracleSubscriptions/*/write", + "Oracle.Database/oracleSubscriptions/*/delete", + "Oracle.Database/oracleSubscriptions/*/action", + "Oracle.Database/Locations/*/read", + "Oracle.Database/Locations/*/write", + "Oracle.Database/Operations/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -1191230,278 +1191415,136 @@ ] }, { - "description": "Grants full access to manage all Oracle Subscriptions resources", - "hasExternal": true, - "hasUnknown": true, - "name": "Oracle Subscriptions Manager Built-in Role", - "permittedActions": [ - { - "description": "Add Azure Subscriptions", - "displayName": "OracleSubscriptions_AddAzureSubscriptions", - "name": "Oracle.Database/oracleSubscriptions/addAzureSubscriptions/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List Activation Links", - "displayName": "OracleSubscriptions_ListActivationLinks", - "name": "Oracle.Database/oracleSubscriptions/listActivationLinks/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List Cloud Account Details", - "displayName": "OracleSubscriptions_ListCloudAccountDetails", - "name": "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List Saas Subscription Details", - "displayName": "OracleSubscriptions_ListSaasSubscriptionDetails", - "name": "Oracle.Database/oracleSubscriptions/listSaasSubscriptionDetails/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "read OperationStatuses", - "displayName": "read_OperationStatuses", - "name": "Oracle.Database/Locations/OperationStatuses/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List GiVersion resources by Location", - "displayName": "GiVersions_ListByLocation", - "name": "Oracle.Database/locations/giVersions/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbSystemShape resources by Location", - "displayName": "DbSystemShapes_ListByLocation", - "name": "Oracle.Database/locations/dbSystemShapes/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DnsPrivateView resources by Location", - "displayName": "DnsPrivateViews_ListByLocation", - "name": "Oracle.Database/locations/dnsPrivateViews/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DnsPrivateZone resources by Location", - "displayName": "DnsPrivateZones_ListByLocation", - "name": "Oracle.Database/locations/dnsPrivateZones/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List AutonomousDatabaseCharacterSet resources by Location", - "displayName": "AutonomousDatabaseCharacterSets_ListByLocation", - "name": "Oracle.Database/locations/autonomousDatabaseCharacterSets/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List AutonomousDatabaseNationalCharacterSet resources by Location", - "displayName": "AutonomousDatabaseNationalCharacterSets_ListByLocation", - "name": "Oracle.Database/locations/autonomousDatabaseNationalCharacterSets/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, + "description": "Provide access to Historical Weather Data Solution by Bayer Ag Powered Services", + "hasExternal": false, + "hasUnknown": false, + "name": "Bayer Ag Powered Services Historical Weather Data Solution User Role", + "permittedActions": [], + "permittedDataActions": [ { - "description": "List AutonomousDbVersion resources by Location", - "displayName": "AutonomousDatabaseVersions_ListByLocation", - "name": "Oracle.Database/locations/autonomousDbVersions/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" + "description": "Gets or Lists existing AgFoodPlatform parties resource(s).", + "displayName": "Get or List AgFoodPlatform parties resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "List SystemVersion resources by Location", - "displayName": "SystemVersions_ListByLocation", - "name": "Oracle.Database/locations/systemVersions/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" + "description": "Gets or Lists existing AgFoodPlatform fields resource(s).", + "displayName": "Get or List AgFoodPlatform fields resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "write OperationStatuses", - "displayName": "write_OperationStatuses", - "name": "Oracle.Database/Locations/OperationStatuses/write", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" + "description": "Creates or Updates AgFoodPlatform fields.", + "displayName": "Create or Update AgFoodPlatform fields.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Oracle.Database/Operations/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" + "description": "Gets or Lists existing AgFoodPlatform farms resource(s).", + "displayName": "Get or List AgFoodPlatform farms resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Creates or Updates AgFoodPlatform farms.", + "displayName": "Create or Update AgFoodPlatform farms.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Gets or Lists existing AgFoodPlatform insights resource(s).", + "displayName": "Get or List AgFoodPlatform insights resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Creates or Updates AgFoodPlatform insights.", + "displayName": "Create or Update AgFoodPlatform insights.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Deletes an existing AgFoodPlatform insights resource.", + "displayName": "Delete AgFoodPlatform insights resource.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/delete", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List(s) existing AgFoodPlatform insight resource(s).", + "displayName": "List AgFoodPlatform insight resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/list/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Gets or Lists existing AgFoodPlatform insight attachments resource(s).", + "displayName": "Get or List AgFoodPlatform insight attachments resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Creates or Updates AgFoodPlatform insight attachments.", + "displayName": "Create or Update AgFoodPlatform insight attachments.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Deletes an existing AgFoodPlatform insight attachments resource.", + "displayName": "Delete AgFoodPlatform insight attachments resource.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/delete", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List(s) existing AgFoodPlatform insight attachment resource(s).", + "displayName": "List AgFoodPlatform insight attachment resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/list/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "insights Download", + "displayName": "insights Download", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/download/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" } ], - "permittedDataActions": [], "rawPermissions": [ { - "actions": [ - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/oracleSubscriptions/*/write", - "Oracle.Database/oracleSubscriptions/*/delete", - "Oracle.Database/oracleSubscriptions/*/action", - "Oracle.Database/Locations/*/read", - "Oracle.Database/Locations/*/write", - "Oracle.Database/Operations/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], + "actions": [], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.AgFoodPlatform/farmBeats/parties/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*" + ], "notActions": [], "notDataActions": [] } ] }, { - "description": "Grants full access to manage all Exadata Infrastructure resources", + "description": "Grants read access to all Oracle.Database resources", "hasExternal": true, "hasUnknown": true, - "name": "Oracle.Database Exadata Infrastructure Administrator Built-in Role", + "name": "Oracle.Database Reader Built-in Role", "permittedActions": [ - { - "description": "List DbServer resources by CloudExadataInfrastructure", - "displayName": "DbServers_ListByCloudExadataInfrastructure", - "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbNode resources by CloudVmCluster", - "displayName": "DbNodes_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/dbNodes/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List VirtualNetworkAddress resources by CloudVmCluster", - "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "Create a VirtualNetworkAddress", - "displayName": "VirtualNetworkAddresses_CreateOrUpdate", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/write", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "Delete a VirtualNetworkAddress", - "displayName": "VirtualNetworkAddresses_Delete", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/delete", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "Add VMs to the VM Cluster", - "displayName": "CloudVmClusters_AddVms", - "name": "Oracle.Database/cloudVmClusters/addVms/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List Private IP Addresses by the provided filter", - "displayName": "CloudVmClusters_ListPrivateIpAddresses", - "name": "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "Remove VMs from the VM Cluster", - "displayName": "CloudVmClusters_RemoveVms", - "name": "Oracle.Database/cloudVmClusters/removeVms/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "VM actions on DbNode of VM Cluster by the provided filter", - "displayName": "DbNodes_Action", - "name": "Oracle.Database/cloudVmClusters/dbNodes/action/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, { "description": "read OperationStatuses", "displayName": "read_OperationStatuses", @@ -1191566,16 +1191609,37 @@ "providerName": "Oracle.Database" }, { - "description": "write OperationStatuses", - "displayName": "write_OperationStatuses", - "name": "Oracle.Database/Locations/OperationStatuses/write", + "description": "read Operations", + "displayName": "read_Operations", + "name": "Oracle.Database/Operations/read", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Oracle.Database/Operations/read", + "description": "List DbServer resources by CloudExadataInfrastructure", + "displayName": "DbServers_ListByCloudExadataInfrastructure", + "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbNode resources by CloudVmCluster", + "displayName": "DbNodes_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/dbNodes/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List VirtualNetworkAddress resources by CloudVmCluster", + "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List Private IP Addresses by the provided filter", + "displayName": "CloudVmClusters_ListPrivateIpAddresses", + "name": "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, @@ -1191593,6 +1191657,20 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets a virtual network subnet definition", "displayName": "Get Virtual Network Subnet", @@ -1191600,13 +1191678,6 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, - { - "description": "Creates a virtual network subnet or updates an existing virtual network subnet", - "displayName": "Create or Update Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, { "description": "Get the virtual network definition", "displayName": "Get Virtual Network", @@ -1191683,54 +1191754,25 @@ "name": "Microsoft.Resources/deployments/operationstatuses/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" - }, - { - "description": "Get the properties of an SSH public key", - "displayName": "Get SSH Public Key", - "name": "Microsoft.Compute/sshPublicKeys/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Creates a new SSH public key or updates an existing SSH public key", - "displayName": "Create or Update SSH Public Key", - "name": "Microsoft.Compute/sshPublicKeys/write", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Generates a new SSH public/private key pair", - "displayName": "Generate SSH Key Pair", - "name": "Microsoft.Compute/sshPublicKeys/generateKeyPair/action", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Oracle.Database/cloudExadataInfrastructures/*/read", - "Oracle.Database/cloudExadataInfrastructures/*/write", - "Oracle.Database/cloudExadataInfrastructures/*/delete", - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/*/write", - "Oracle.Database/cloudVmClusters/*/delete", - "Oracle.Database/cloudVmClusters/*/action", "Oracle.Database/Locations/*/read", - "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/deployments/*/read", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Compute/sshPublicKeys/read", - "Microsoft.Compute/sshPublicKeys/write", - "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -1192812,10 +1192854,10 @@ ] }, { - "description": "Read-only access to Nexus Network Fabric Service", + "description": "Read-write access to Nexus Network Fabric Service", "hasExternal": false, "hasUnknown": false, - "name": "Nexus Network Fabric Service Reader", + "name": "Nexus Network Fabric Service Writer", "permittedActions": [ { "description": "read Operations", @@ -1193293,6 +1193335,321 @@ "providerDisplayName": "Microsoft.ManagedNetworkFabric", "providerName": "Microsoft.ManagedNetworkFabric" }, + { + "description": "Creates a Network Fabric Controller.", + "displayName": "NetworkFabricControllers_Create", + "name": "Microsoft.ManagedNetworkFabric/networkFabricControllers/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "write OperationStatuses", + "displayName": "write_OperationStatuses", + "name": "Microsoft.ManagedNetworkFabric/Locations/OperationStatuses/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create Network Fabric resource.", + "displayName": "NetworkFabrics_Create", + "name": "Microsoft.ManagedNetworkFabric/networkFabrics/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create Network Rack resource.", + "displayName": "NetworkRacks_Create", + "name": "Microsoft.ManagedNetworkFabric/networkRacks/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a Network Device resource", + "displayName": "NetworkDevices_Create", + "name": "Microsoft.ManagedNetworkFabric/networkDevices/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a Network Interface resource.", + "displayName": "NetworkInterfaces_Create", + "name": "Microsoft.ManagedNetworkFabric/networkDevices/networkInterfaces/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates layer 2 network connectivity between compute nodes within a rack and across racks.The configuration is applied on the devices only after the isolation domain is enabled.", + "displayName": "L2IsolationDomains_Create", + "name": "Microsoft.ManagedNetworkFabric/l2IsolationDomains/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create isolation domain resources for layer 3 connectivity between compute nodes and for communication with external services .This configuration is applied on the devices only after the creation of networks is completed and isolation domain is enabled. ", + "displayName": "L3IsolationDomains_Create", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Access Control List PUT method.", + "displayName": "AccessControlLists_Create", + "name": "Microsoft.ManagedNetworkFabric/accessControlLists/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Route Policy PUT method.", + "displayName": "RoutePolicies_Create", + "name": "Microsoft.ManagedNetworkFabric/routePolicies/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates ExternalNetwork PUT method.", + "displayName": "ExternalNetworks_Create", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/externalNetworks/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates InternalNetwork PUT method.", + "displayName": "InternalNetworks_Create", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/internalNetworks/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Configuration used to setup CE-PE connectivity PUT Method.", + "displayName": "NetworkToNetworkInterconnects_Create", + "name": "Microsoft.ManagedNetworkFabric/networkFabrics/networkToNetworkInterconnects/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements an IP Community PUT method.", + "displayName": "IpCommunities_Create", + "name": "Microsoft.ManagedNetworkFabric/ipCommunities/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IP Extended Community PUT method.", + "displayName": "IpExtendedCommunities_Create", + "name": "Microsoft.ManagedNetworkFabric/ipExtendedCommunities/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IP Prefix PUT method.", + "displayName": "IpPrefixes_Create", + "name": "Microsoft.ManagedNetworkFabric/ipPrefixes/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates a Network Fabric Service Internet Gateway resource instance.", + "displayName": "InternetGateways_Create", + "name": "Microsoft.ManagedNetworkFabric/internetGateways/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates an Internet Gateway rule resource.", + "displayName": "InternetGatewayRules_Create", + "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates a Network Packet Broker.", + "displayName": "NetworkPacketBrokers_Create", + "name": "Microsoft.ManagedNetworkFabric/networkPacketBrokers/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates a Network Tap.", + "displayName": "NetworkTaps_Create", + "name": "Microsoft.ManagedNetworkFabric/networkTaps/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create Network Tap Rule resource.", + "displayName": "NetworkTapRules_Create", + "name": "Microsoft.ManagedNetworkFabric/networkTapRules/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements the Neighbor Group PUT method.", + "displayName": "NeighborGroups_Create", + "name": "Microsoft.ManagedNetworkFabric/neighborGroups/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Ip Community List PUT method.", + "displayName": "IpCommunityLists_Create", + "name": "Microsoft.ManagedNetworkFabric/ipCommunityLists/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Ip Prefix List PUT method.", + "displayName": "IpPrefixLists_Create", + "name": "Microsoft.ManagedNetworkFabric/ipPrefixLists/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NfaDevice resource.", + "displayName": "NfaDevices_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfadevices/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a FileInject resource.", + "displayName": "FileInjects_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/fileinjects/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a OcRawConfig resource.", + "displayName": "OcRawConfigs_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/ocrawconfigs/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a SSHCommand resource.", + "displayName": "SSHCommands_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/sshcommands/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a GNOIOperation resource.", + "displayName": "GNOIOperations_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoioperations/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NetworkFabricInfo resource.", + "displayName": "NetworkFabricInfos_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricinfos/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NetworkFabricConfigurationInfo resource.", + "displayName": "NetworkFabricConfigurationInfo_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricconfigurationinfos/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a IdentityWebhooks resource.", + "displayName": "IdentityWebhooks_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/identitywebhooks/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NetworkCloudS2S resource.", + "displayName": "NetworkCloudS2S_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkclouds2s/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NetworkCloudS2S resource.", + "displayName": "NetworkCloudS2S_Create", + "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/networkclouds2s/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NetworkCloudS2S resource.", + "displayName": "NetworkCloudS2S_Create", + "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/networkclouds2s/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NetworkCloudController resource.", + "displayName": "NetworkCloudControllers_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/networkcloudcontrollers/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a Gateway resource.", + "displayName": "Gateway_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/gateway/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a L2isolationDomainInfos resource.", + "displayName": "L2isolationDomainInfos_Create", + "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/l2isolationdomaininfos/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a L3isolationDomainInfos resource.", + "displayName": "L3isolationDomainInfos_Create", + "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/l3isolationdomaininfos/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates a Network Fabric Service Internet Gateway internal internetgatewayactions resource instance.", + "displayName": "internetgatewayactions_Create", + "name": "Microsoft.ManagedNetworkFabric/internetGateways/internetgatewayactions/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Creates an internal internet gateway rule actions resource.", + "displayName": "internetgatewayruleactions_Create", + "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/internetgatewayruleactions/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a GNOIMaintenance resource.", + "displayName": "GNOIMaintenances_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoimaintenances/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a igwinfos resource.", + "displayName": "igwinfos_Create", + "name": "Microsoft.ManagedNetworkFabric/internetgateways/igwinfos/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NfaExtensionDebug resource.", + "displayName": "NfaExtensionDebug_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfaextensiondebug/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Create a NfaExtensionDebug resource.", + "displayName": "NfaExtensionDebug_Create", + "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/nfaextensiondebug/write", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1193607,6 +1193964,7 @@ { "actions": [ "Microsoft.ManagedNetworkFabric/*/read", + "Microsoft.ManagedNetworkFabric/*/write", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", @@ -1193621,10 +1193979,10 @@ ] }, { - "description": "Read-write access to Nexus Network Fabric Service", + "description": "Read-only access to Nexus Network Fabric Service", "hasExternal": false, "hasUnknown": false, - "name": "Nexus Network Fabric Service Writer", + "name": "Nexus Network Fabric Service Reader", "permittedActions": [ { "description": "read Operations", @@ -1194102,321 +1194460,6 @@ "providerDisplayName": "Microsoft.ManagedNetworkFabric", "providerName": "Microsoft.ManagedNetworkFabric" }, - { - "description": "Creates a Network Fabric Controller.", - "displayName": "NetworkFabricControllers_Create", - "name": "Microsoft.ManagedNetworkFabric/networkFabricControllers/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "write OperationStatuses", - "displayName": "write_OperationStatuses", - "name": "Microsoft.ManagedNetworkFabric/Locations/OperationStatuses/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create Network Fabric resource.", - "displayName": "NetworkFabrics_Create", - "name": "Microsoft.ManagedNetworkFabric/networkFabrics/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create Network Rack resource.", - "displayName": "NetworkRacks_Create", - "name": "Microsoft.ManagedNetworkFabric/networkRacks/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a Network Device resource", - "displayName": "NetworkDevices_Create", - "name": "Microsoft.ManagedNetworkFabric/networkDevices/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a Network Interface resource.", - "displayName": "NetworkInterfaces_Create", - "name": "Microsoft.ManagedNetworkFabric/networkDevices/networkInterfaces/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates layer 2 network connectivity between compute nodes within a rack and across racks.The configuration is applied on the devices only after the isolation domain is enabled.", - "displayName": "L2IsolationDomains_Create", - "name": "Microsoft.ManagedNetworkFabric/l2IsolationDomains/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create isolation domain resources for layer 3 connectivity between compute nodes and for communication with external services .This configuration is applied on the devices only after the creation of networks is completed and isolation domain is enabled. ", - "displayName": "L3IsolationDomains_Create", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Access Control List PUT method.", - "displayName": "AccessControlLists_Create", - "name": "Microsoft.ManagedNetworkFabric/accessControlLists/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Route Policy PUT method.", - "displayName": "RoutePolicies_Create", - "name": "Microsoft.ManagedNetworkFabric/routePolicies/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates ExternalNetwork PUT method.", - "displayName": "ExternalNetworks_Create", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/externalNetworks/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates InternalNetwork PUT method.", - "displayName": "InternalNetworks_Create", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/internalNetworks/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Configuration used to setup CE-PE connectivity PUT Method.", - "displayName": "NetworkToNetworkInterconnects_Create", - "name": "Microsoft.ManagedNetworkFabric/networkFabrics/networkToNetworkInterconnects/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements an IP Community PUT method.", - "displayName": "IpCommunities_Create", - "name": "Microsoft.ManagedNetworkFabric/ipCommunities/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IP Extended Community PUT method.", - "displayName": "IpExtendedCommunities_Create", - "name": "Microsoft.ManagedNetworkFabric/ipExtendedCommunities/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IP Prefix PUT method.", - "displayName": "IpPrefixes_Create", - "name": "Microsoft.ManagedNetworkFabric/ipPrefixes/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates a Network Fabric Service Internet Gateway resource instance.", - "displayName": "InternetGateways_Create", - "name": "Microsoft.ManagedNetworkFabric/internetGateways/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates an Internet Gateway rule resource.", - "displayName": "InternetGatewayRules_Create", - "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates a Network Packet Broker.", - "displayName": "NetworkPacketBrokers_Create", - "name": "Microsoft.ManagedNetworkFabric/networkPacketBrokers/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates a Network Tap.", - "displayName": "NetworkTaps_Create", - "name": "Microsoft.ManagedNetworkFabric/networkTaps/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create Network Tap Rule resource.", - "displayName": "NetworkTapRules_Create", - "name": "Microsoft.ManagedNetworkFabric/networkTapRules/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements the Neighbor Group PUT method.", - "displayName": "NeighborGroups_Create", - "name": "Microsoft.ManagedNetworkFabric/neighborGroups/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Ip Community List PUT method.", - "displayName": "IpCommunityLists_Create", - "name": "Microsoft.ManagedNetworkFabric/ipCommunityLists/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Ip Prefix List PUT method.", - "displayName": "IpPrefixLists_Create", - "name": "Microsoft.ManagedNetworkFabric/ipPrefixLists/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NfaDevice resource.", - "displayName": "NfaDevices_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfadevices/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a FileInject resource.", - "displayName": "FileInjects_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/fileinjects/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a OcRawConfig resource.", - "displayName": "OcRawConfigs_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/ocrawconfigs/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a SSHCommand resource.", - "displayName": "SSHCommands_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/sshcommands/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a GNOIOperation resource.", - "displayName": "GNOIOperations_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoioperations/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NetworkFabricInfo resource.", - "displayName": "NetworkFabricInfos_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricinfos/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NetworkFabricConfigurationInfo resource.", - "displayName": "NetworkFabricConfigurationInfo_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricconfigurationinfos/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a IdentityWebhooks resource.", - "displayName": "IdentityWebhooks_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/identitywebhooks/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NetworkCloudS2S resource.", - "displayName": "NetworkCloudS2S_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkclouds2s/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NetworkCloudS2S resource.", - "displayName": "NetworkCloudS2S_Create", - "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/networkclouds2s/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NetworkCloudS2S resource.", - "displayName": "NetworkCloudS2S_Create", - "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/networkclouds2s/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NetworkCloudController resource.", - "displayName": "NetworkCloudControllers_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/networkcloudcontrollers/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a Gateway resource.", - "displayName": "Gateway_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/gateway/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a L2isolationDomainInfos resource.", - "displayName": "L2isolationDomainInfos_Create", - "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/l2isolationdomaininfos/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a L3isolationDomainInfos resource.", - "displayName": "L3isolationDomainInfos_Create", - "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/l3isolationdomaininfos/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates a Network Fabric Service Internet Gateway internal internetgatewayactions resource instance.", - "displayName": "internetgatewayactions_Create", - "name": "Microsoft.ManagedNetworkFabric/internetGateways/internetgatewayactions/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Creates an internal internet gateway rule actions resource.", - "displayName": "internetgatewayruleactions_Create", - "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/internetgatewayruleactions/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a GNOIMaintenance resource.", - "displayName": "GNOIMaintenances_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoimaintenances/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a igwinfos resource.", - "displayName": "igwinfos_Create", - "name": "Microsoft.ManagedNetworkFabric/internetgateways/igwinfos/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NfaExtensionDebug resource.", - "displayName": "NfaExtensionDebug_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfaextensiondebug/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Create a NfaExtensionDebug resource.", - "displayName": "NfaExtensionDebug_Create", - "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/nfaextensiondebug/write", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1194731,7 +1194774,6 @@ { "actions": [ "Microsoft.ManagedNetworkFabric/*/read", - "Microsoft.ManagedNetworkFabric/*/write", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", @@ -1194746,10 +1194788,10 @@ ] }, { - "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", + "description": "Allows a user to manage deployment stacks, including those with deny assignments.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Deployment Stack Contributor", + "name": "Azure Deployment Stack Owner", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1195059,6 +1195101,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Gets or lists deployment stacks", + "displayName": "Read deployment stack", + "name": "Microsoft.Resources/deploymentStacks/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Creates or updates a deployment stack", "displayName": "Write deployment stack", @@ -1195067,9 +1195116,16 @@ "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists deployment stacks", - "displayName": "Read deployment stack", - "name": "Microsoft.Resources/deploymentStacks/read", + "description": "Deletes a deployment stack", + "displayName": "Delete a deployment stack", + "name": "Microsoft.Resources/deploymentStacks/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Manage the denySettings property of a deployment stack.", + "displayName": "Manage deployment stack denySettings", + "name": "Microsoft.Resources/deploymentStacks/manageDenySetting/action", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" } @@ -1195082,8 +1195138,7 @@ "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/write", - "Microsoft.Resources/deploymentStacks/read" + "Microsoft.Resources/deploymentStacks/*" ], "condition": null, "conditionVersion": null, @@ -1195094,10 +1195149,10 @@ ] }, { - "description": "Allows a user to manage deployment stacks, including those with deny assignments.", + "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Deployment Stack Owner", + "name": "Azure Deployment Stack Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1195407,13 +1195462,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Gets or lists deployment stacks", - "displayName": "Read deployment stack", - "name": "Microsoft.Resources/deploymentStacks/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Creates or updates a deployment stack", "displayName": "Write deployment stack", @@ -1195422,16 +1195470,9 @@ "providerName": "Microsoft.Resources" }, { - "description": "Deletes a deployment stack", - "displayName": "Delete a deployment stack", - "name": "Microsoft.Resources/deploymentStacks/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Manage the denySettings property of a deployment stack.", - "displayName": "Manage deployment stack denySettings", - "name": "Microsoft.Resources/deploymentStacks/manageDenySetting/action", + "description": "Gets or lists deployment stacks", + "displayName": "Read deployment stack", + "name": "Microsoft.Resources/deploymentStacks/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" } @@ -1195444,7 +1195485,8 @@ "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/*" + "Microsoft.Resources/deploymentStacks/write", + "Microsoft.Resources/deploymentStacks/read" ], "condition": null, "conditionVersion": null, @@ -1195529,10 +1195571,10 @@ ] }, { - "description": "Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", + "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", "hasExternal": false, "hasUnknown": false, - "name": "Container Registry Repository Contributor", + "name": "Container Registry Repository Reader", "permittedActions": [], "permittedDataActions": [ { @@ -1195548,34 +1195590,6 @@ "name": "Microsoft.ContainerRegistry/registries/repositories/content/read", "providerDisplayName": "Microsoft ContainerRegistry", "providerName": "Microsoft.ContainerRegistry" - }, - { - "description": "Updates the metadata of a repository for a container registry", - "displayName": "Update metadata of a repository for a container registry", - "name": "Microsoft.ContainerRegistry/registries/repositories/metadata/write", - "providerDisplayName": "Microsoft ContainerRegistry", - "providerName": "Microsoft.ContainerRegistry" - }, - { - "description": "Push or Write images to a container registry.", - "displayName": "Push images to container registry.", - "name": "Microsoft.ContainerRegistry/registries/repositories/content/write", - "providerDisplayName": "Microsoft ContainerRegistry", - "providerName": "Microsoft.ContainerRegistry" - }, - { - "description": "Delete the metadata of a repository for a container registry", - "displayName": "Delete metadata of a repository for a container registry", - "name": "Microsoft.ContainerRegistry/registries/repositories/metadata/delete", - "providerDisplayName": "Microsoft ContainerRegistry", - "providerName": "Microsoft.ContainerRegistry" - }, - { - "description": "Delete artifact in a container registry.", - "displayName": "Delete artifact in a container registry.", - "name": "Microsoft.ContainerRegistry/registries/repositories/content/delete", - "providerDisplayName": "Microsoft ContainerRegistry", - "providerName": "Microsoft.ContainerRegistry" } ], "rawPermissions": [ @@ -1195585,11 +1195599,7 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read", - "Microsoft.ContainerRegistry/registries/repositories/metadata/write", - "Microsoft.ContainerRegistry/registries/repositories/content/write", - "Microsoft.ContainerRegistry/registries/repositories/metadata/delete", - "Microsoft.ContainerRegistry/registries/repositories/content/delete" + "Microsoft.ContainerRegistry/registries/repositories/content/read" ], "notActions": [], "notDataActions": [] @@ -1195649,10 +1195659,10 @@ ] }, { - "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", + "description": "Allows for read, write, and delete access to Azure Container Registry repositories, but excluding catalog listing. This role is in preview and subject to change.", "hasExternal": false, "hasUnknown": false, - "name": "Container Registry Repository Reader", + "name": "Container Registry Repository Contributor", "permittedActions": [], "permittedDataActions": [ { @@ -1195668,6 +1195678,34 @@ "name": "Microsoft.ContainerRegistry/registries/repositories/content/read", "providerDisplayName": "Microsoft ContainerRegistry", "providerName": "Microsoft.ContainerRegistry" + }, + { + "description": "Updates the metadata of a repository for a container registry", + "displayName": "Update metadata of a repository for a container registry", + "name": "Microsoft.ContainerRegistry/registries/repositories/metadata/write", + "providerDisplayName": "Microsoft ContainerRegistry", + "providerName": "Microsoft.ContainerRegistry" + }, + { + "description": "Push or Write images to a container registry.", + "displayName": "Push images to container registry.", + "name": "Microsoft.ContainerRegistry/registries/repositories/content/write", + "providerDisplayName": "Microsoft ContainerRegistry", + "providerName": "Microsoft.ContainerRegistry" + }, + { + "description": "Delete the metadata of a repository for a container registry", + "displayName": "Delete metadata of a repository for a container registry", + "name": "Microsoft.ContainerRegistry/registries/repositories/metadata/delete", + "providerDisplayName": "Microsoft ContainerRegistry", + "providerName": "Microsoft.ContainerRegistry" + }, + { + "description": "Delete artifact in a container registry.", + "displayName": "Delete artifact in a container registry.", + "name": "Microsoft.ContainerRegistry/registries/repositories/content/delete", + "providerDisplayName": "Microsoft ContainerRegistry", + "providerName": "Microsoft.ContainerRegistry" } ], "rawPermissions": [ @@ -1195677,7 +1195715,11 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read" + "Microsoft.ContainerRegistry/registries/repositories/content/read", + "Microsoft.ContainerRegistry/registries/repositories/metadata/write", + "Microsoft.ContainerRegistry/registries/repositories/content/write", + "Microsoft.ContainerRegistry/registries/repositories/metadata/delete", + "Microsoft.ContainerRegistry/registries/repositories/content/delete" ], "notActions": [], "notDataActions": [] @@ -1196192,6 +1196234,653 @@ } ] }, + { + "description": "Grant full access to manage all Toolchain orchestrator resources.", + "hasExternal": false, + "hasUnknown": false, + "name": "ToolchainOrchestrator Admin Role", + "permittedActions": [ + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Register the subscription for Microsoft.ToolchainOrchestrator", + "displayName": "Register the Microsoft.ToolchainOrchestrator", + "name": "Microsoft.ToolchainOrchestrator/register/action", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Unregister the subscription for Microsoft.ToolchainOrchestrator", + "displayName": "Unregister the Microsoft.ToolchainOrchestrator", + "name": "Microsoft.ToolchainOrchestrator/unregister/action", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "read Operations", + "displayName": "read_Operations", + "name": "Microsoft.ToolchainOrchestrator/Operations/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Solutions resources within an Azure subscription.", + "displayName": "Solutions_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/solutions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of specified Solution resource.", + "displayName": "Solutions_Get", + "name": "Microsoft.ToolchainOrchestrator/solutions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates existing Solution resource.", + "displayName": "Solutions_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/solutions/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified Solution resource.", + "displayName": "Solutions_Delete", + "name": "Microsoft.ToolchainOrchestrator/solutions/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Targets resources within an Azure subscription.", + "displayName": "Targets_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/targets/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of specified Target resource.", + "displayName": "Targets_Get", + "name": "Microsoft.ToolchainOrchestrator/targets/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates existing Target resource.", + "displayName": "Targets_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/targets/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified Target resource.", + "displayName": "Targets_Delete", + "name": "Microsoft.ToolchainOrchestrator/targets/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Instances resources within an Azure subscription.", + "displayName": "Instances_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/instances/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of specified Instance resource.", + "displayName": "Instances_Get", + "name": "Microsoft.ToolchainOrchestrator/instances/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates existing Instance resource.", + "displayName": "Instances_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/instances/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified Instance resource.", + "displayName": "Instances_Delete", + "name": "Microsoft.ToolchainOrchestrator/instances/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists campaigns within an Azure subscription.", + "displayName": "Campaigns_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/campaigns/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns the details of the campaign.", + "displayName": "Campaigns_Get", + "name": "Microsoft.ToolchainOrchestrator/campaigns/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates a new or updates an existing campaign.", + "displayName": "Campaigns_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/campaigns/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes a specified campaign.", + "displayName": "Campaigns_Delete", + "name": "Microsoft.ToolchainOrchestrator/campaigns/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists activations within an Azure subscription.", + "displayName": "Activations_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/activations/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns the details of the activation.", + "displayName": "Activations_Get", + "name": "Microsoft.ToolchainOrchestrator/activations/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates a new or updates an existing activation.", + "displayName": "Activations_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/activations/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes a specified activation.", + "displayName": "Activations_Delete", + "name": "Microsoft.ToolchainOrchestrator/activations/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Catalogs within an Azure subscription.", + "displayName": "Catalogs_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/catalogs/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of the Catalog.", + "displayName": "Catalogs_Get", + "name": "Microsoft.ToolchainOrchestrator/catalogs/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates the Catalog.", + "displayName": "Catalogs_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/catalogs/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified Catalog.", + "displayName": "Catalogs_Delete", + "name": "Microsoft.ToolchainOrchestrator/catalogs/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "read operationStatuses", + "displayName": "read_operationStatuses", + "name": "Microsoft.ToolchainOrchestrator/locations/operationStatuses/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "write operationStatuses", + "displayName": "write_operationStatuses", + "name": "Microsoft.ToolchainOrchestrator/locations/operationStatuses/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns a collection of SolutionVersion resources belonging to a Solution resource.", + "displayName": "SolutionVersions_ListBySolution", + "name": "Microsoft.ToolchainOrchestrator/solutions/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates existing SolutionVersion resource.", + "displayName": "SolutionVersions_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/solutions/versions/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified SolutionVersion resource.", + "displayName": "SolutionVersions_Delete", + "name": "Microsoft.ToolchainOrchestrator/solutions/versions/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists CampaignVersions within a Campaign.", + "displayName": "CampaignVersions_ListByCampaign", + "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates a new or updates an existing campaignVersion.", + "displayName": "CampaignVersions_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes a specified campaignVersion.", + "displayName": "CampaignVersions_Delete", + "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists CatalogVersions within a Catalog.", + "displayName": "CatalogVersions_ListByCatalog", + "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates a CatalogVersion.", + "displayName": "CatalogVersions_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes the specified CatalogVersion.", + "displayName": "CatalogVersions_Delete", + "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns a collection of TargetVersion resources belonging to a Target resource.", + "displayName": "TargetVersions_ListByTarget", + "name": "Microsoft.ToolchainOrchestrator/targets/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates existing TargetVersion resource.", + "displayName": "TargetVersions_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/targets/versions/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified TargetVersion resource.", + "displayName": "TargetVersions_Delete", + "name": "Microsoft.ToolchainOrchestrator/targets/versions/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns a collection of InstanceVersion resources belonging to an Instance resource.", + "displayName": "InstanceVersions_ListByInstance", + "name": "Microsoft.ToolchainOrchestrator/instances/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Creates new or updates existing InstanceVersion resource.", + "displayName": "InstanceVersions_CreateOrUpdate", + "name": "Microsoft.ToolchainOrchestrator/instances/versions/write", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Deletes specified InstanceVersion resource.", + "displayName": "InstanceVersions_Delete", + "name": "Microsoft.ToolchainOrchestrator/instances/versions/delete", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ToolchainOrchestrator/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grant access to view all Toolchain orchestrator resources.", + "hasExternal": false, + "hasUnknown": false, + "name": "ToolchainOrchestrator Viewer Role", + "permittedActions": [ + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "read Operations", + "displayName": "read_Operations", + "name": "Microsoft.ToolchainOrchestrator/Operations/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Solutions resources within an Azure subscription.", + "displayName": "Solutions_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/solutions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of specified Solution resource.", + "displayName": "Solutions_Get", + "name": "Microsoft.ToolchainOrchestrator/solutions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Targets resources within an Azure subscription.", + "displayName": "Targets_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/targets/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of specified Target resource.", + "displayName": "Targets_Get", + "name": "Microsoft.ToolchainOrchestrator/targets/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Instances resources within an Azure subscription.", + "displayName": "Instances_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/instances/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of specified Instance resource.", + "displayName": "Instances_Get", + "name": "Microsoft.ToolchainOrchestrator/instances/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists campaigns within an Azure subscription.", + "displayName": "Campaigns_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/campaigns/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns the details of the campaign.", + "displayName": "Campaigns_Get", + "name": "Microsoft.ToolchainOrchestrator/campaigns/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists activations within an Azure subscription.", + "displayName": "Activations_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/activations/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns the details of the activation.", + "displayName": "Activations_Get", + "name": "Microsoft.ToolchainOrchestrator/activations/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists Catalogs within an Azure subscription.", + "displayName": "Catalogs_ListBySubscription", + "name": "Microsoft.ToolchainOrchestrator/catalogs/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns details of the Catalog.", + "displayName": "Catalogs_Get", + "name": "Microsoft.ToolchainOrchestrator/catalogs/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "read operationStatuses", + "displayName": "read_operationStatuses", + "name": "Microsoft.ToolchainOrchestrator/locations/operationStatuses/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns a collection of SolutionVersion resources belonging to a Solution resource.", + "displayName": "SolutionVersions_ListBySolution", + "name": "Microsoft.ToolchainOrchestrator/solutions/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists CampaignVersions within a Campaign.", + "displayName": "CampaignVersions_ListByCampaign", + "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Lists CatalogVersions within a Catalog.", + "displayName": "CatalogVersions_ListByCatalog", + "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns a collection of TargetVersion resources belonging to a Target resource.", + "displayName": "TargetVersions_ListByTarget", + "name": "Microsoft.ToolchainOrchestrator/targets/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + }, + { + "description": "Returns a collection of InstanceVersion resources belonging to an Instance resource.", + "displayName": "InstanceVersions_ListByInstance", + "name": "Microsoft.ToolchainOrchestrator/instances/versions/read", + "providerDisplayName": "Microsoft.ToolchainOrchestrator", + "providerName": "Microsoft.ToolchainOrchestrator" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ToolchainOrchestrator/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "This is the role for publishing gallery artifacts.", "hasExternal": false, @@ -1196675,394 +1197364,13 @@ "providerName": "Microsoft.Insights" }, { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Compute/galleries/*", - "Microsoft.Compute/locations/capsOperations/read", - "Microsoft.Compute/locations/communityGalleries/*", - "Microsoft.Compute/locations/sharedGalleries/*", - "Microsoft.Compute/images/*", - "Microsoft.Compute/virtualMachines/write", - "Microsoft.Compute/disks/write", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [ - "Microsoft.Compute/galleries/share/action" - ], - "notDataActions": [] - } - ] - }, - { - "description": "Grant access to view all Toolchain orchestrator resources.", - "hasExternal": false, - "hasUnknown": false, - "name": "ToolchainOrchestrator Viewer Role", - "permittedActions": [ - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Microsoft.ToolchainOrchestrator/Operations/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Solutions resources within an Azure subscription.", - "displayName": "Solutions_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/solutions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of specified Solution resource.", - "displayName": "Solutions_Get", - "name": "Microsoft.ToolchainOrchestrator/solutions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Targets resources within an Azure subscription.", - "displayName": "Targets_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/targets/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of specified Target resource.", - "displayName": "Targets_Get", - "name": "Microsoft.ToolchainOrchestrator/targets/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Instances resources within an Azure subscription.", - "displayName": "Instances_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/instances/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of specified Instance resource.", - "displayName": "Instances_Get", - "name": "Microsoft.ToolchainOrchestrator/instances/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists campaigns within an Azure subscription.", - "displayName": "Campaigns_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/campaigns/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns the details of the campaign.", - "displayName": "Campaigns_Get", - "name": "Microsoft.ToolchainOrchestrator/campaigns/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists activations within an Azure subscription.", - "displayName": "Activations_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/activations/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns the details of the activation.", - "displayName": "Activations_Get", - "name": "Microsoft.ToolchainOrchestrator/activations/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Catalogs within an Azure subscription.", - "displayName": "Catalogs_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/catalogs/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of the Catalog.", - "displayName": "Catalogs_Get", - "name": "Microsoft.ToolchainOrchestrator/catalogs/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "read operationStatuses", - "displayName": "read_operationStatuses", - "name": "Microsoft.ToolchainOrchestrator/locations/operationStatuses/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns a collection of SolutionVersion resources belonging to a Solution resource.", - "displayName": "SolutionVersions_ListBySolution", - "name": "Microsoft.ToolchainOrchestrator/solutions/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists CampaignVersions within a Campaign.", - "displayName": "CampaignVersions_ListByCampaign", - "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists CatalogVersions within a Catalog.", - "displayName": "CatalogVersions_ListByCatalog", - "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns a collection of TargetVersion resources belonging to a Target resource.", - "displayName": "TargetVersions_ListByTarget", - "name": "Microsoft.ToolchainOrchestrator/targets/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns a collection of InstanceVersion resources belonging to an Instance resource.", - "displayName": "InstanceVersions_ListByInstance", - "name": "Microsoft.ToolchainOrchestrator/instances/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ToolchainOrchestrator/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grant full access to manage all Toolchain orchestrator resources.", - "hasExternal": false, - "hasUnknown": false, - "name": "ToolchainOrchestrator Admin Role", - "permittedActions": [ - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { "description": "Creates or updates an deployment.", "displayName": "Create Deployment", "name": "Microsoft.Resources/deployments/write", @@ -1197070,350 +1197378,84 @@ "providerName": "Microsoft.Resources" }, { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Register the subscription for Microsoft.ToolchainOrchestrator", - "displayName": "Register the Microsoft.ToolchainOrchestrator", - "name": "Microsoft.ToolchainOrchestrator/register/action", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Unregister the subscription for Microsoft.ToolchainOrchestrator", - "displayName": "Unregister the Microsoft.ToolchainOrchestrator", - "name": "Microsoft.ToolchainOrchestrator/unregister/action", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Microsoft.ToolchainOrchestrator/Operations/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Solutions resources within an Azure subscription.", - "displayName": "Solutions_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/solutions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of specified Solution resource.", - "displayName": "Solutions_Get", - "name": "Microsoft.ToolchainOrchestrator/solutions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates existing Solution resource.", - "displayName": "Solutions_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/solutions/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes specified Solution resource.", - "displayName": "Solutions_Delete", - "name": "Microsoft.ToolchainOrchestrator/solutions/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Targets resources within an Azure subscription.", - "displayName": "Targets_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/targets/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of specified Target resource.", - "displayName": "Targets_Get", - "name": "Microsoft.ToolchainOrchestrator/targets/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates existing Target resource.", - "displayName": "Targets_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/targets/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes specified Target resource.", - "displayName": "Targets_Delete", - "name": "Microsoft.ToolchainOrchestrator/targets/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Instances resources within an Azure subscription.", - "displayName": "Instances_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/instances/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of specified Instance resource.", - "displayName": "Instances_Get", - "name": "Microsoft.ToolchainOrchestrator/instances/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates existing Instance resource.", - "displayName": "Instances_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/instances/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes specified Instance resource.", - "displayName": "Instances_Delete", - "name": "Microsoft.ToolchainOrchestrator/instances/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists campaigns within an Azure subscription.", - "displayName": "Campaigns_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/campaigns/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns the details of the campaign.", - "displayName": "Campaigns_Get", - "name": "Microsoft.ToolchainOrchestrator/campaigns/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates a new or updates an existing campaign.", - "displayName": "Campaigns_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/campaigns/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes a specified campaign.", - "displayName": "Campaigns_Delete", - "name": "Microsoft.ToolchainOrchestrator/campaigns/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists activations within an Azure subscription.", - "displayName": "Activations_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/activations/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns the details of the activation.", - "displayName": "Activations_Get", - "name": "Microsoft.ToolchainOrchestrator/activations/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates a new or updates an existing activation.", - "displayName": "Activations_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/activations/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes a specified activation.", - "displayName": "Activations_Delete", - "name": "Microsoft.ToolchainOrchestrator/activations/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists Catalogs within an Azure subscription.", - "displayName": "Catalogs_ListBySubscription", - "name": "Microsoft.ToolchainOrchestrator/catalogs/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns details of the Catalog.", - "displayName": "Catalogs_Get", - "name": "Microsoft.ToolchainOrchestrator/catalogs/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates the Catalog.", - "displayName": "Catalogs_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/catalogs/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes specified Catalog.", - "displayName": "Catalogs_Delete", - "name": "Microsoft.ToolchainOrchestrator/catalogs/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "read operationStatuses", - "displayName": "read_operationStatuses", - "name": "Microsoft.ToolchainOrchestrator/locations/operationStatuses/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "write operationStatuses", - "displayName": "write_operationStatuses", - "name": "Microsoft.ToolchainOrchestrator/locations/operationStatuses/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns a collection of SolutionVersion resources belonging to a Solution resource.", - "displayName": "SolutionVersions_ListBySolution", - "name": "Microsoft.ToolchainOrchestrator/solutions/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates existing SolutionVersion resource.", - "displayName": "SolutionVersions_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/solutions/versions/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes specified SolutionVersion resource.", - "displayName": "SolutionVersions_Delete", - "name": "Microsoft.ToolchainOrchestrator/solutions/versions/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists CampaignVersions within a Campaign.", - "displayName": "CampaignVersions_ListByCampaign", - "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates a new or updates an existing campaignVersion.", - "displayName": "CampaignVersions_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes a specified campaignVersion.", - "displayName": "CampaignVersions_Delete", - "name": "Microsoft.ToolchainOrchestrator/campaigns/versions/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Lists CatalogVersions within a Catalog.", - "displayName": "CatalogVersions_ListByCatalog", - "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates a CatalogVersion.", - "displayName": "CatalogVersions_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Deletes the specified CatalogVersion.", - "displayName": "CatalogVersions_Delete", - "name": "Microsoft.ToolchainOrchestrator/catalogs/versions/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Returns a collection of TargetVersion resources belonging to a Target resource.", - "displayName": "TargetVersions_ListByTarget", - "name": "Microsoft.ToolchainOrchestrator/targets/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" - }, - { - "description": "Creates new or updates existing TargetVersion resource.", - "displayName": "TargetVersions_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/targets/versions/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Deletes specified TargetVersion resource.", - "displayName": "TargetVersions_Delete", - "name": "Microsoft.ToolchainOrchestrator/targets/versions/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Returns a collection of InstanceVersion resources belonging to an Instance resource.", - "displayName": "InstanceVersions_ListByInstance", - "name": "Microsoft.ToolchainOrchestrator/instances/versions/read", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Creates new or updates existing InstanceVersion resource.", - "displayName": "InstanceVersions_CreateOrUpdate", - "name": "Microsoft.ToolchainOrchestrator/instances/versions/write", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Deletes specified InstanceVersion resource.", - "displayName": "InstanceVersions_Delete", - "name": "Microsoft.ToolchainOrchestrator/instances/versions/delete", - "providerDisplayName": "Microsoft.ToolchainOrchestrator", - "providerName": "Microsoft.ToolchainOrchestrator" + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.Compute/galleries/*", + "Microsoft.Compute/locations/capsOperations/read", + "Microsoft.Compute/locations/communityGalleries/*", + "Microsoft.Compute/locations/sharedGalleries/*", + "Microsoft.Compute/images/*", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Compute/disks/write", + "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ToolchainOrchestrator/*" + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [], + "notActions": [ + "Microsoft.Compute/galleries/share/action" + ], "notDataActions": [] } ] @@ -1200990,34 +1201032,6 @@ } ] }, - { - "description": "View home page.", - "hasExternal": false, - "hasUnknown": false, - "name": "Grafana Limited Viewer", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Act as Grafana Limited Viewer role", - "displayName": "Act as Grafana Limited Viewer role", - "name": "Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action", - "providerDisplayName": "Microsoft.Dashboard", - "providerName": "Microsoft.Dashboard" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Provides permissions to read, write or delete disk encryption sets which are used for encrypting managed disks with customer managed keys", "hasExternal": false, @@ -1201060,6 +1201074,34 @@ } ] }, + { + "description": "View home page.", + "hasExternal": false, + "hasUnknown": false, + "name": "Grafana Limited Viewer", + "permittedActions": [], + "permittedDataActions": [ + { + "description": "Act as Grafana Limited Viewer role", + "displayName": "Act as Grafana Limited Viewer role", + "name": "Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action", + "providerDisplayName": "Microsoft.Dashboard", + "providerName": "Microsoft.Dashboard" + } + ], + "rawPermissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.Dashboard/grafana/ActAsGrafanaLimitedViewer/action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Provide access to Field Imagery Solution by Bayer Ag Powered Services", "hasExternal": false, @@ -1209126,10 +1209168,10 @@ ] }, { - "description": "Read, logstream and exec into Container Apps.", + "description": "Read access to ContainerApps sessionpools.", "hasExternal": false, "hasUnknown": false, - "name": "Container Apps Operator", + "name": "Container Apps SessionPools Reader", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1209370,338 +1209412,24 @@ "providerName": "Microsoft.Insights" }, { - "description": "Get revision of a container app", - "displayName": "Read Container App Revision", - "name": "microsoft.app/containerapps/revisions/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get replica of a container app revision", - "displayName": "Read Container App Revision Replica", - "name": "microsoft.app/containerapps/revisions/replicas/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get auth config of a container app", - "displayName": "Read Container App Auth Configuration", - "name": "microsoft.app/containerapps/authconfigs/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Container App Source Control Configuration", - "displayName": "Get Container App Source Control", - "name": "microsoft.app/containerapps/sourcecontrols/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get detector of a container app", - "displayName": "Read Container App Detector", - "name": "microsoft.app/containerapps/detectors/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Container App Private Endpoint Connection Proxy", - "displayName": "Get Container App Private Endpoint Connection Proxy", - "name": "microsoft.app/containerapps/privateendpointconnectionproxies/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Container App Private Endpoint Connection", - "displayName": "Get Container App Private Endpoint Connection", - "name": "microsoft.app/containerapps/privateendpointconnections/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Container App Private Link Resource", - "displayName": "Get Container App Private Link Resource", - "name": "microsoft.app/containerapps/privatelinkresources/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Container App's label history", - "displayName": "Read all label history", - "name": "microsoft.app/containerapps/labelhistory/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "List secrets of a container app", - "displayName": "List Container App Secrets", - "name": "microsoft.app/containerapps/listsecrets/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "List custom host name analysis result", - "displayName": "List Container App Custom Host Name Anaylysis", - "name": "microsoft.app/containerapps/listcustomhostnameanalysis/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Stop a Container App", - "displayName": "Stop Container App", - "name": "microsoft.app/containerapps/stop/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Start a Container App", - "displayName": "Start Container App", - "name": "microsoft.app/containerapps/start/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container. This operation will be deprecated soon.", - "displayName": "Auth Token for Container App Dev APIs", - "name": "microsoft.app/containerapps/authtoken/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container.", - "displayName": "Auth Token for Container App Dev APIs", - "name": "microsoft.app/containerapps/getauthtoken/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Restart a container app revision", - "displayName": "Restart Container App Revision", - "name": "microsoft.app/containerapps/revisions/restart/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Activate a container app revision", - "displayName": "Activate Container App Revision", - "name": "microsoft.app/containerapps/revisions/activate/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Deactivate a container app revision", - "displayName": "Deactivate Container App Revision", - "name": "microsoft.app/containerapps/revisions/deactivate/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Validate Container App Private Endpoint Connection Proxy", - "displayName": "Validate Container App Private Endpoint Connection Proxy", - "name": "microsoft.app/containerapps/privateendpointconnectionproxies/validate/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Managed Environment", - "displayName": "Read Managed Environment", - "name": "microsoft.app/managedenvironments/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Managed Environment's Certificate", - "displayName": "Read Managed Environment Certificate", - "name": "microsoft.app/managedenvironments/certificates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get storage for a Managed Environment.", - "displayName": "Read Managed Environment Storage.", - "name": "microsoft.app/managedenvironments/storages/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Managed Environment Dapr Component", - "displayName": "Read Managed Environment Dapr Component", - "name": "microsoft.app/managedenvironments/daprcomponents/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get detector of a managed environment", - "displayName": "Read Managed Environment Detector", - "name": "microsoft.app/managedenvironments/detectors/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Current Workload Profile States", - "displayName": "Read Current Workload Profile State", - "name": "microsoft.app/managedenvironments/workloadprofilestates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Managed Certificate in Managed Environment", - "displayName": "Read Managed Certificate in Managed Environment", - "name": "microsoft.app/managedenvironments/managedcertificates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Quota Usages in a Managed Environment", - "displayName": "Read Managed Environment Quota Usages", - "name": "microsoft.app/managedenvironments/usages/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Managed Environment Dapr Component Resiliency Policy", - "displayName": "Read Managed Environment Dapr Component Resiliency Policy", - "name": "microsoft.app/managedenvironments/daprcomponents/resiliencypolicies/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Managed Environment Dapr PubSub Subscription", - "displayName": "Read Managed Environment Dapr PubSub Subscription", - "name": "microsoft.app/managedenvironments/daprcomponents/daprsubscriptions/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Managed Environment .NET Component", - "displayName": "Read Managed Environment .NET Component", - "name": "microsoft.app/managedenvironments/dotnetcomponents/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Managed Environment Java Component", - "displayName": "Read Managed Environment Java Component", - "name": "microsoft.app/managedenvironments/javacomponents/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Managed Environment Private Endpoint Connection Proxy", - "displayName": "Get Managed Environment Private Endpoint Connection Proxy", - "name": "microsoft.app/managedenvironments/privateendpointconnectionproxies/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Managed Environment Private Endpoint Connection", - "displayName": "Get Managed Environment Private Endpoint Connection", - "name": "microsoft.app/managedenvironments/privateendpointconnections/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Managed Environment Private Link Resource", - "displayName": "Get Managed Environment Private Link Resource", - "name": "microsoft.app/managedenvironments/privatelinkresources/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Allows to create a Container App in a Managed Environment", - "displayName": "Join Managed Environment", - "name": "microsoft.app/managedenvironments/join/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Check reource name availability for a Managed Environment", - "displayName": "Check Managed Environment Name Availability", - "name": "microsoft.app/managedenvironments/checknameavailability/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Connected Environment", - "displayName": "Read Connected Environment", - "name": "microsoft.app/connectedenvironments/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get storage for a Connected Environment.", - "displayName": "Read Connected Environment Storage.", - "name": "microsoft.app/connectedenvironments/storages/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Connected Environment Dapr Component", - "displayName": "Read Connected Environment Dapr Component", - "name": "microsoft.app/connectedenvironments/daprcomponents/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Connected Environment's Certificate", - "displayName": "Read Connected Environment Certificate", - "name": "microsoft.app/connectedenvironments/certificates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Allows to create a Container App or Container Apps Job in a Connected Environment", - "displayName": "Join Connected Environment", - "name": "microsoft.app/connectedenvironments/join/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Check reource name availability for a Connected Environment", - "displayName": "Check Connected Environment Name Availability", - "name": "microsoft.app/connectedenvironments/checknameavailability/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - } - ], - "permittedDataActions": [ - { - "description": "View log stream of a container app", - "displayName": "View Container App Log Stream", - "name": "microsoft.app/containerApps/logstream/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Connect to console of a container app", - "displayName": "Connect Container App Console", - "name": "microsoft.app/containerApps/exec/action", + "description": "Get a Session", + "displayName": "Read Session", + "name": "microsoft.app/sessionpools/sessions/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" } ], + "permittedDataActions": [], "rawPermissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/containerApps/*/read", - "Microsoft.App/containerApps/*/action", - "Microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "Microsoft.App/connectedEnvironments/read", - "Microsoft.App/connectedEnvironments/*/read", - "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action" + "Microsoft.App/sessionPools/*/read" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.App/containerApps/logstream/action", - "Microsoft.App/containerApps/exec/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } @@ -1210308,6 +1210036,365 @@ } ] }, + { + "description": "Read access to ContainerApps managedenvironments.", + "hasExternal": false, + "hasUnknown": false, + "name": "Container Apps ManagedEnvironments Reader", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Get a Managed Environment's Certificate", + "displayName": "Read Managed Environment Certificate", + "name": "microsoft.app/managedenvironments/certificates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get storage for a Managed Environment.", + "displayName": "Read Managed Environment Storage.", + "name": "microsoft.app/managedenvironments/storages/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Managed Environment Dapr Component", + "displayName": "Read Managed Environment Dapr Component", + "name": "microsoft.app/managedenvironments/daprcomponents/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get detector of a managed environment", + "displayName": "Read Managed Environment Detector", + "name": "microsoft.app/managedenvironments/detectors/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Current Workload Profile States", + "displayName": "Read Current Workload Profile State", + "name": "microsoft.app/managedenvironments/workloadprofilestates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Managed Certificate in Managed Environment", + "displayName": "Read Managed Certificate in Managed Environment", + "name": "microsoft.app/managedenvironments/managedcertificates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Quota Usages in a Managed Environment", + "displayName": "Read Managed Environment Quota Usages", + "name": "microsoft.app/managedenvironments/usages/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Managed Environment Dapr Component Resiliency Policy", + "displayName": "Read Managed Environment Dapr Component Resiliency Policy", + "name": "microsoft.app/managedenvironments/daprcomponents/resiliencypolicies/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Managed Environment Dapr PubSub Subscription", + "displayName": "Read Managed Environment Dapr PubSub Subscription", + "name": "microsoft.app/managedenvironments/daprcomponents/daprsubscriptions/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Managed Environment .NET Component", + "displayName": "Read Managed Environment .NET Component", + "name": "microsoft.app/managedenvironments/dotnetcomponents/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Managed Environment Java Component", + "displayName": "Read Managed Environment Java Component", + "name": "microsoft.app/managedenvironments/javacomponents/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Managed Environment Private Endpoint Connection Proxy", + "displayName": "Get Managed Environment Private Endpoint Connection Proxy", + "name": "microsoft.app/managedenvironments/privateendpointconnectionproxies/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Managed Environment Private Endpoint Connection", + "displayName": "Get Managed Environment Private Endpoint Connection", + "name": "microsoft.app/managedenvironments/privateendpointconnections/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Managed Environment Private Link Resource", + "displayName": "Get Managed Environment Private Link Resource", + "name": "microsoft.app/managedenvironments/privatelinkresources/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.App/managedEnvironments/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Full management of Container Apps, including creation, deletion, and updates.", "hasExternal": false, @@ -1210945,10 +1211032,10 @@ ] }, { - "description": "Read access to ContainerApps managedenvironments.", + "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", "hasExternal": false, - "hasUnknown": false, - "name": "Container Apps ManagedEnvironments Reader", + "hasUnknown": true, + "name": "Container Apps SessionPools Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1211188,6 +1211275,27 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, + { + "description": "Get a Session", + "displayName": "Read Session", + "name": "microsoft.app/sessionpools/sessions/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Generate sessions", + "displayName": "Generate Sessions", + "name": "microsoft.app/sessionpools/sessions/generatesessions/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Managed Environment", + "displayName": "Read Managed Environment", + "name": "microsoft.app/managedenvironments/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, { "description": "Get a Managed Environment's Certificate", "displayName": "Read Managed Environment Certificate", @@ -1211285,6 +1211393,125 @@ "name": "microsoft.app/managedenvironments/privatelinkresources/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" + }, + { + "description": "Allows to create a Container App in a Managed Environment", + "displayName": "Join Managed Environment", + "name": "microsoft.app/managedenvironments/join/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Check reource name availability for a Managed Environment", + "displayName": "Check Managed Environment Name Availability", + "name": "microsoft.app/managedenvironments/checknameavailability/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Connected Environment", + "displayName": "Read Connected Environment", + "name": "microsoft.app/connectedenvironments/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get storage for a Connected Environment.", + "displayName": "Read Connected Environment Storage.", + "name": "microsoft.app/connectedenvironments/storages/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Connected Environment Dapr Component", + "displayName": "Read Connected Environment Dapr Component", + "name": "microsoft.app/connectedenvironments/daprcomponents/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Connected Environment's Certificate", + "displayName": "Read Connected Environment Certificate", + "name": "microsoft.app/connectedenvironments/certificates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Allows to create a Container App or Container Apps Job in a Connected Environment", + "displayName": "Join Connected Environment", + "name": "microsoft.app/connectedenvironments/join/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Check reource name availability for a Connected Environment", + "displayName": "Check Connected Environment Name Availability", + "name": "microsoft.app/connectedenvironments/checknameavailability/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], @@ -1211293,7 +1211520,19 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/managedEnvironments/*/read" + "Microsoft.App/sessionPools/*/read", + "Microsoft.App/sessionPools/*/write", + "Microsoft.App/sessionPools/*/delete", + "Microsoft.App/sessionPools/*/action", + "microsoft.App/managedEnvironments/read", + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "microsoft.App/connectedEnvironments/read", + "Microsoft.App/connectedEnvironments/*/read", + "Microsoft.App/connectedEnvironments/join/action", + "Microsoft.App/connectedEnvironments/checknameavailability/action", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -1211362,10 +1211601,10 @@ ] }, { - "description": "Read access to ContainerApps sessionpools.", + "description": "Read, logstream and exec into Container Apps.", "hasExternal": false, "hasUnknown": false, - "name": "Container Apps SessionPools Reader", + "name": "Container Apps Operator", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1211606,361 +1211845,135 @@ "providerName": "Microsoft.Insights" }, { - "description": "Get a Session", - "displayName": "Read Session", - "name": "microsoft.app/sessionpools/sessions/read", + "description": "Get revision of a container app", + "displayName": "Read Container App Revision", + "name": "microsoft.app/containerapps/revisions/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Full management of Container Apps jobs, including creation, deletion, and updates.", - "hasExternal": false, - "hasUnknown": false, - "name": "Container Apps Jobs Contributor", - "permittedActions": [ - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" }, { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Get replica of a container app revision", + "displayName": "Read Container App Revision Replica", + "name": "microsoft.app/containerapps/revisions/replicas/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Get auth config of a container app", + "displayName": "Read Container App Auth Configuration", + "name": "microsoft.app/containerapps/authconfigs/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Get Container App Source Control Configuration", + "displayName": "Get Container App Source Control", + "name": "microsoft.app/containerapps/sourcecontrols/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Get detector of a container app", + "displayName": "Read Container App Detector", + "name": "microsoft.app/containerapps/detectors/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Get Container App Private Endpoint Connection Proxy", + "displayName": "Get Container App Private Endpoint Connection Proxy", + "name": "microsoft.app/containerapps/privateendpointconnectionproxies/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Get a Container Apps Job", - "displayName": "Read Container Apps Job", - "name": "microsoft.app/jobs/read", + "description": "Get Container App Private Endpoint Connection", + "displayName": "Get Container App Private Endpoint Connection", + "name": "microsoft.app/containerapps/privateendpointconnections/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Get a Container Apps Job's execution history", - "displayName": "Get a Container Apps Job's execution history", - "name": "microsoft.app/jobs/executions/read", + "description": "Get Container App Private Link Resource", + "displayName": "Get Container App Private Link Resource", + "name": "microsoft.app/containerapps/privatelinkresources/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Get a single execution from a Container Apps Job", - "displayName": "Get a single execution from a Container Apps Job", - "name": "microsoft.app/jobs/execution/read", + "description": "Get a Container App's label history", + "displayName": "Read all label history", + "name": "microsoft.app/containerapps/labelhistory/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Get detector of a container apps job", - "displayName": "Read Container Apps Job Detector", - "name": "microsoft.app/jobs/detectors/read", + "description": "List secrets of a container app", + "displayName": "List Container App Secrets", + "name": "microsoft.app/containerapps/listsecrets/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Start a Container Apps Job", - "displayName": "Start a Container Apps Job", - "name": "microsoft.app/jobs/start/action", + "description": "List custom host name analysis result", + "displayName": "List Container App Custom Host Name Anaylysis", + "name": "microsoft.app/containerapps/listcustomhostnameanalysis/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Stop multiple Container Apps Job executions", - "displayName": "Stop multiple Container Apps Job executions", - "name": "microsoft.app/jobs/stop/action", + "description": "Stop a Container App", + "displayName": "Stop Container App", + "name": "microsoft.app/containerapps/stop/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "List secrets of a container apps job", - "displayName": "List Container Apps Job Secrets", - "name": "microsoft.app/jobs/listsecrets/action", + "description": "Start a Container App", + "displayName": "Start Container App", + "name": "microsoft.app/containerapps/start/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container. This operation will be deprecated soon.", "displayName": "Auth Token for Container App Dev APIs", - "name": "microsoft.app/jobs/authtoken/action", + "name": "microsoft.app/containerapps/authtoken/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container.", "displayName": "Auth Token for Container App Dev APIs", - "name": "microsoft.app/jobs/getauthtoken/action", + "name": "microsoft.app/containerapps/getauthtoken/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Stop a Container Apps Job's specific execution", - "displayName": "Stop a Container Apps Job's specific execution", - "name": "microsoft.app/jobs/stop/execution/action", + "description": "Restart a container app revision", + "displayName": "Restart Container App Revision", + "name": "microsoft.app/containerapps/revisions/restart/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Stop a Container Apps Job's specific execution", - "displayName": "Stop a Container Apps Job's specific execution", - "name": "microsoft.app/jobs/stop/execution/backport/action", + "description": "Activate a container app revision", + "displayName": "Activate Container App Revision", + "name": "microsoft.app/containerapps/revisions/activate/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Create or update a Container Apps Job", - "displayName": "Create or Update Container Apps Job", - "name": "microsoft.app/jobs/write", + "description": "Deactivate a container app revision", + "displayName": "Deactivate Container App Revision", + "name": "microsoft.app/containerapps/revisions/deactivate/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Delete a Container Apps Job", - "displayName": "Delete Container Apps Job", - "name": "microsoft.app/jobs/delete", + "description": "Validate Container App Private Endpoint Connection Proxy", + "displayName": "Validate Container App Private Endpoint Connection Proxy", + "name": "microsoft.app/containerapps/privateendpointconnectionproxies/validate/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, @@ -1212124,105 +1212137,56 @@ "name": "microsoft.app/connectedenvironments/checknameavailability/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, + } + ], + "permittedDataActions": [ { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "View log stream of a container app", + "displayName": "View Container App Log Stream", + "name": "microsoft.app/containerApps/logstream/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Connect to console of a container app", + "displayName": "Connect Container App Console", + "name": "microsoft.app/containerApps/exec/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" } ], - "permittedDataActions": [], "rawPermissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "microsoft.app/jobs/read", - "Microsoft.App/jobs/*/read", - "Microsoft.App/jobs/*/action", - "Microsoft.App/jobs/write", - "Microsoft.App/jobs/delete", - "Microsoft.app/managedenvironments/read", - "Microsoft.App/managedenvironments/*/read", - "Microsoft.App/managedenvironments/join/action", - "Microsoft.App/managedenvironments/checknameavailability/action", - "Microsoft.app/connectedEnvironments/read", + "Microsoft.App/containerApps/*/read", + "Microsoft.App/containerApps/*/action", + "Microsoft.App/managedEnvironments/read", + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "Microsoft.App/connectedEnvironments/read", "Microsoft.App/connectedEnvironments/*/read", "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action", - "Microsoft.Resources/deployments/*" + "Microsoft.App/connectedEnvironments/checknameavailability/action" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.App/containerApps/logstream/action", + "Microsoft.App/containerApps/exec/action" + ], "notActions": [], "notDataActions": [] } ] }, { - "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", + "description": "Full management of Container Apps jobs, including creation, deletion, and updates.", "hasExternal": false, - "hasUnknown": true, - "name": "Container Apps SessionPools Contributor", + "hasUnknown": false, + "name": "Container Apps Jobs Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1212463,16 +1212427,93 @@ "providerName": "Microsoft.Insights" }, { - "description": "Get a Session", - "displayName": "Read Session", - "name": "microsoft.app/sessionpools/sessions/read", + "description": "Get a Container Apps Job", + "displayName": "Read Container Apps Job", + "name": "microsoft.app/jobs/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Generate sessions", - "displayName": "Generate Sessions", - "name": "microsoft.app/sessionpools/sessions/generatesessions/action", + "description": "Get a Container Apps Job's execution history", + "displayName": "Get a Container Apps Job's execution history", + "name": "microsoft.app/jobs/executions/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a single execution from a Container Apps Job", + "displayName": "Get a single execution from a Container Apps Job", + "name": "microsoft.app/jobs/execution/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get detector of a container apps job", + "displayName": "Read Container Apps Job Detector", + "name": "microsoft.app/jobs/detectors/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Start a Container Apps Job", + "displayName": "Start a Container Apps Job", + "name": "microsoft.app/jobs/start/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop multiple Container Apps Job executions", + "displayName": "Stop multiple Container Apps Job executions", + "name": "microsoft.app/jobs/stop/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "List secrets of a container apps job", + "displayName": "List Container Apps Job Secrets", + "name": "microsoft.app/jobs/listsecrets/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container. This operation will be deprecated soon.", + "displayName": "Auth Token for Container App Dev APIs", + "name": "microsoft.app/jobs/authtoken/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container.", + "displayName": "Auth Token for Container App Dev APIs", + "name": "microsoft.app/jobs/getauthtoken/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop a Container Apps Job's specific execution", + "displayName": "Stop a Container Apps Job's specific execution", + "name": "microsoft.app/jobs/stop/execution/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop a Container Apps Job's specific execution", + "displayName": "Stop a Container Apps Job's specific execution", + "name": "microsoft.app/jobs/stop/execution/backport/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Create or update a Container Apps Job", + "displayName": "Create or Update Container Apps Job", + "name": "microsoft.app/jobs/write", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Delete a Container Apps Job", + "displayName": "Delete Container Apps Job", + "name": "microsoft.app/jobs/delete", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, @@ -1212707,15 +1212748,16 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read", - "Microsoft.App/sessionPools/*/write", - "Microsoft.App/sessionPools/*/delete", - "Microsoft.App/sessionPools/*/action", - "microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "microsoft.App/connectedEnvironments/read", + "microsoft.app/jobs/read", + "Microsoft.App/jobs/*/read", + "Microsoft.App/jobs/*/action", + "Microsoft.App/jobs/write", + "Microsoft.App/jobs/delete", + "Microsoft.app/managedenvironments/read", + "Microsoft.App/managedenvironments/*/read", + "Microsoft.App/managedenvironments/join/action", + "Microsoft.App/managedenvironments/checknameavailability/action", + "Microsoft.app/connectedEnvironments/read", "Microsoft.App/connectedEnvironments/*/read", "Microsoft.App/connectedEnvironments/join/action", "Microsoft.App/connectedEnvironments/checknameavailability/action", @@ -1213189,6 +1213231,34 @@ } ] }, + { + "description": "Provide full access to all Azure Device Update agent operations", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Device Update Agent", + "permittedActions": [], + "permittedDataActions": [ + { + "description": "Perform all operations related to agent updating (i.e. request updates & report update results)", + "displayName": "Agent Updating", + "name": "Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action", + "providerDisplayName": "Microsoft.DeviceUpdate", + "providerName": "Microsoft.DeviceUpdate" + } + ], + "rawPermissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Read all resources in Azure Virtual Enclaves and Approve approval requests within the Enclave", "hasExternal": false, @@ -1213736,34 +1213806,6 @@ } ] }, - { - "description": "Provide full access to all Azure Device Update agent operations", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Device Update Agent", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Perform all operations related to agent updating (i.e. request updates & report update results)", - "displayName": "Agent Updating", - "name": "Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action", - "providerDisplayName": "Microsoft.DeviceUpdate", - "providerName": "Microsoft.DeviceUpdate" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.DeviceUpdate/updateAccounts/agents/requestUpdate/action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Allows permanent deletion of soft-deleted vaults.", "hasExternal": false, @@ -1218161,472 +1218203,6 @@ "notDataActions": [] } ] - }, - { - "description": "Lets you managed your Service Fabric Managed Cluster resources", - "hasExternal": false, - "hasUnknown": false, - "name": "Service Fabric Managed Cluster Contributor", - "permittedActions": [ - { - "description": "Read any Managed Clusters", - "displayName": "Read Managed Clusters", - "name": "Microsoft.ServiceFabric/managedclusters/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Create or Update any Managed Clusters", - "displayName": "Create or Update Managed Clusters", - "name": "Microsoft.ServiceFabric/managedclusters/write", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Delete any Managed Clusters", - "displayName": "Delete Managed Clusters", - "name": "Microsoft.ServiceFabric/managedclusters/delete", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Read any Node Type", - "displayName": "Read Node Type", - "name": "Microsoft.ServiceFabric/managedclusters/nodetypes/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Create or Update any Node Type", - "displayName": "Create or Update Node Type", - "name": "Microsoft.ServiceFabric/managedclusters/nodetypes/write", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Delete Node Type", - "displayName": "Delete Node Type", - "name": "Microsoft.ServiceFabric/managedclusters/nodetypes/delete", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Read Node Type supported SKUs", - "displayName": "Read Node Type SKUs", - "name": "Microsoft.ServiceFabric/managedclusters/nodetypes/skus/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Read any Application Type", - "displayName": "Read Application Type", - "name": "Microsoft.ServiceFabric/managedclusters/applicationTypes/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Create or Update any Application Type", - "displayName": "Create or Update Application Type", - "name": "Microsoft.ServiceFabric/managedclusters/applicationTypes/write", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Delete any Application Type", - "displayName": "Delete Application Type", - "name": "Microsoft.ServiceFabric/managedclusters/applicationTypes/delete", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Read any Application Type Version", - "displayName": "Read Application Type Version", - "name": "Microsoft.ServiceFabric/managedclusters/applicationTypes/versions/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Create or Update any Application Type Version", - "displayName": "Create or Update Application Type Version", - "name": "Microsoft.ServiceFabric/managedclusters/applicationTypes/versions/write", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Delete any Application Type Version", - "displayName": "Delete Application Type Version", - "name": "Microsoft.ServiceFabric/managedclusters/applicationTypes/versions/delete", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Read any Application", - "displayName": "Read Application", - "name": "Microsoft.ServiceFabric/managedclusters/applications/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Create or Update any Application", - "displayName": "Create or Update Application", - "name": "Microsoft.ServiceFabric/managedclusters/applications/write", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Delete any Application", - "displayName": "Delete Application", - "name": "Microsoft.ServiceFabric/managedclusters/applications/delete", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Read any Service", - "displayName": "Read Service", - "name": "Microsoft.ServiceFabric/managedclusters/applications/services/read", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Create or Update any Service", - "displayName": "Create or Update Service", - "name": "Microsoft.ServiceFabric/managedclusters/applications/services/write", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Delete any Service", - "displayName": "Delete Service", - "name": "Microsoft.ServiceFabric/managedclusters/applications/services/delete", - "providerDisplayName": "Microsoft ServiceFabric", - "providerName": "Microsoft.ServiceFabric" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ServiceFabric/managedclusters/*", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] } ] } \ No newline at end of file diff --git a/azure/map.json b/azure/map.json index a0a001b1a..2531e841e 100644 --- a/azure/map.json +++ b/azure/map.json @@ -58454,6 +58454,16 @@ "automated": true } }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/NewRelic.Observability/monitors/{monitorName}/refreshIngestionKey": { + "NewRelic.Observability/monitors/refreshIngestionKey/action": { + "automated": true + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/NewRelic.Observability/monitors/{monitorName}/resubscribe": { + "NewRelic.Observability/monitors/resubscribe/action": { + "automated": true + } + }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/NewRelic.Observability/monitors/{monitorName}/switchBilling": { "NewRelic.Observability/monitors/switchBilling/action": { "automated": true diff --git a/azure/provider-operations.json b/azure/provider-operations.json index 386369b18..ce629819f 100644 --- a/azure/provider-operations.json +++ b/azure/provider-operations.json @@ -258500,6 +258500,14 @@ "origin": null, "properties": null }, + { + "description": "Refreshes the ingestion key for all monitors linked to the same account associated to a monitor.", + "displayName": "Refresh Ingestion Key", + "isDataAction": false, + "name": "NewRelic.Observability/monitors/refreshIngestionKey/action", + "origin": null, + "properties": null + }, { "description": "Get Metric rules for a NewRelic resource", "displayName": "Get Metric Rules", @@ -258524,6 +258532,14 @@ "origin": null, "properties": null }, + { + "description": "Resubscribe the NewRelic monitor resource to Azure", + "displayName": "Resubscribe", + "isDataAction": false, + "name": "NewRelic.Observability/monitors/resubscribe/action", + "origin": null, + "properties": null + }, { "description": "Get marketplace and organization info mapped to the given monitor", "displayName": "Get marketplace and organization info mapped to the given monitor", @@ -266606,6 +266622,14 @@ "name": "Microsoft.ResourceNotifications/systemTopics/subscribeToComputeScheduleResources/action", "origin": null, "properties": null + }, + { + "description": "Permission to perform creation and event subscription creation on a ContainerServiceEventResources system topic", + "displayName": "Permission subscribeToContainerServiceEventResources granted", + "isDataAction": false, + "name": "Microsoft.ResourceNotifications/systemTopics/subscribeToContainerServiceEventResources/action", + "origin": null, + "properties": null } ] } diff --git a/gcp/map.json b/gcp/map.json index e3e1a5e30..67668e1c9 100644 --- a/gcp/map.json +++ b/gcp/map.json @@ -3619,8 +3619,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "analyticshub.subscriptions.delete" } @@ -3630,8 +3630,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "analyticshub.subscriptions.get" } @@ -3664,8 +3664,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "analyticshub.subscriptions.list" } @@ -53696,8 +53696,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "policysimulator.replays.create" } @@ -53707,8 +53707,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "policysimulator.replays.get" } @@ -53718,8 +53718,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "policysimulator.replays.list" } @@ -60598,8 +60598,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "lowConfidence": true, "name": "serviceusage.services.enable", @@ -60781,8 +60781,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "name": "serviceusage.quotas.get", "parameterName": "name", @@ -60795,8 +60795,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "lowConfidence": true, "name": "serviceusage.quotas.get", @@ -60810,8 +60810,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "lowConfidence": true, "name": "serviceusage.services.disable", @@ -60825,8 +60825,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "lowConfidence": true, "name": "serviceusage.services.enable", @@ -60841,8 +60841,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "lowConfidence": true, "name": "serviceusage.services.get", @@ -60856,8 +60856,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "fuzzv1" + "fuzzv1", + "restcrawlv1" ], "lowConfidence": true, "name": "serviceusage.services.list", diff --git a/gcp/predefined_roles.json b/gcp/predefined_roles.json index 6d498155b..5fea7ddb4 100644 --- a/gcp/predefined_roles.json +++ b/gcp/predefined_roles.json @@ -103,14 +103,6 @@ "stage": "GA", "title": "Vertex AI Administrator" }, - { - "description": "Vertex AI Batch Prediction Service Agent for serving batch prediction requests.", - "etag": "AA==", - "has_dataaccess": true, - "has_undocumented": true, - "name": "roles/aiplatform.batchPredictionServiceAgent", - "title": "Vertex AI Batch Prediction Service Agent" - }, { "description": "Admin role of using colab enterprise.", "etag": "AA==", @@ -529,6 +521,7 @@ "etag": "AA==", "has_undocumented": true, "name": "roles/apigee.deploymentInvoker", + "stage": "GA", "title": "Apigee Deployment Invoker" }, { @@ -1961,13 +1954,6 @@ "stage": "GA", "title": "Chronicle API Editor" }, - { - "description": "Grants global access to data i.e. all data can be accessed.", - "etag": "AA==", - "has_undocumented": true, - "name": "roles/chronicle.globalDataAccess", - "title": "Chronicle API Global Data Access" - }, { "description": "Grants readonly access to Chronicle API resources, excluding Rules and Retrohunts.", "etag": "AA==", @@ -2068,21 +2054,21 @@ "etag": "AA==", "name": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", "stage": "BETA", - "title": "Cloud AI Companion Code Repository Indexes Admin" + "title": "Code Repository Indexes Admin" }, { "description": "Grants readonly access to Code Repository Indexes resources.", "etag": "AA==", "name": "roles/cloudaicompanion.codeRepositoryIndexesViewer", "stage": "BETA", - "title": "Cloud AI Companion Code Repository Indexes Viewer" + "title": "Code Repository Indexes Viewer" }, { "description": "Grants Read/Use access to the Code Repository Indexes Repository Group.", "etag": "AA==", "name": "roles/cloudaicompanion.repositoryGroupsUser", "stage": "BETA", - "title": "Cloud AI Companion Repository Groups User" + "title": "Repository Groups User" }, { "description": "Gives Cloud AI Companion components the proper permissions to function.", @@ -2092,11 +2078,11 @@ "title": "Cloud AI Companion Service Agent" }, { - "description": "A user who can receive assistance from Cloud AI Companion", + "description": "A user who can use Gemini for Google Cloud", "etag": "AA==", "name": "roles/cloudaicompanion.user", "stage": "BETA", - "title": "Cloud AI Companion User" + "title": "Gemini for Google Cloud User" }, { "description": "Give effective policy service account access to search all resources and IAM policies.", @@ -2537,6 +2523,7 @@ { "description": "Grants ability to use KeyHandle resources.", "etag": "AA==", + "has_undocumented": true, "name": "roles/cloudkms.autokeyUser", "stage": "BETA", "title": "Cloud KMS Autokey User" @@ -2890,13 +2877,6 @@ "stage": "GA", "title": "Cloud SQL Service Agent" }, - { - "description": "Role allowing access to Cloud SQL Studio", - "etag": "AA==", - "has_undocumented": true, - "name": "roles/cloudsql.studioUser", - "title": "Cloud SQL Studio User" - }, { "description": "Read-only access to Cloud SQL resources.", "etag": "AA==", @@ -3026,6 +3006,7 @@ { "description": "Admin access to Cloud Trace.", "etag": "AA==", + "has_undocumented": true, "name": "roles/cloudtrace.admin", "stage": "GA", "title": "Cloud Trace Admin" @@ -3040,6 +3021,7 @@ { "description": "User access to Cloud Trace. Can view traces, insights and stats. Can create, list, view, and delete tasks.", "etag": "AA==", + "has_undocumented": true, "name": "roles/cloudtrace.user", "stage": "GA", "title": "Cloud Trace User" @@ -4090,6 +4072,7 @@ { "description": "Full access to glossaries", "etag": "AA==", + "has_undocumented": true, "name": "roles/datacatalog.glossaryOwner", "stage": "BETA", "title": "DataCatalog Glossary Owner" @@ -4097,6 +4080,7 @@ { "description": "Can view glossaries and associate terms to entries", "etag": "AA==", + "has_undocumented": true, "name": "roles/datacatalog.glossaryUser", "stage": "BETA", "title": "DataCatalog Glossary User" @@ -5150,6 +5134,7 @@ "description": "Gives Dialogflow Service Account access to resources on behalf of user project for Integrations (Facebook Messenger, Slack, Telephony, etc.), BigQuery, Discovery Engine, and Vertex.", "etag": "AA==", "has_dataaccess": true, + "has_undocumented": true, "name": "roles/dialogflow.serviceAgent", "stage": "GA", "title": "Dialogflow Service Agent" @@ -5857,6 +5842,7 @@ "description": "Read access to Firebase Develop products and Analytics.", "etag": "AA==", "has_dataaccess": true, + "has_undocumented": true, "name": "roles/firebase.developViewer", "stage": "GA", "title": "Firebase Develop Viewer" @@ -5864,6 +5850,7 @@ { "description": "Full access to Firebase Grow products and Analytics.", "etag": "AA==", + "has_undocumented": true, "name": "roles/firebase.growthAdmin", "stage": "GA", "title": "Firebase Grow Admin" @@ -5871,6 +5858,7 @@ { "description": "Read access to Firebase Grow products and Analytics.", "etag": "AA==", + "has_undocumented": true, "name": "roles/firebase.growthViewer", "stage": "GA", "title": "Firebase Grow Viewer" @@ -5886,6 +5874,7 @@ { "description": "Full access to Firebase Quality products and Analytics.", "etag": "AA==", + "has_undocumented": true, "name": "roles/firebase.qualityAdmin", "stage": "GA", "title": "Firebase Quality Admin" @@ -5893,6 +5882,7 @@ { "description": "Read access to Firebase Quality products and Analytics.", "etag": "AA==", + "has_undocumented": true, "name": "roles/firebase.qualityViewer", "stage": "GA", "title": "Firebase Quality Viewer" @@ -5917,6 +5907,7 @@ "description": "Read-only access to Firebase products.", "etag": "AA==", "has_dataaccess": true, + "has_undocumented": true, "name": "roles/firebase.viewer", "stage": "GA", "title": "Firebase Viewer" @@ -7764,6 +7755,7 @@ { "description": "Gives Managed Kafka Service Agent access to Cloud Platform resources.", "etag": "AA==", + "has_undocumented": true, "name": "roles/managedkafka.serviceAgent", "stage": "GA", "title": "Managed Kafka Service Agent" @@ -8099,6 +8091,7 @@ "description": "Gives the Dataproc Metastore service account access to managed resources.", "etag": "AA==", "has_dataaccess": true, + "has_undocumented": true, "name": "roles/metastore.serviceAgent", "stage": "GA", "title": "Dataproc Metastore Service Agent" @@ -8657,13 +8650,6 @@ "stage": "GA", "title": "Organization Policy Viewer" }, - { - "description": "Full access to OS Config resources", - "etag": "AA==", - "has_undocumented": true, - "name": "roles/osconfig.admin", - "title": "OS Config Admin" - }, { "description": "Full admin access to GuestPolicies", "etag": "AA==", @@ -8785,13 +8771,6 @@ "stage": "BETA", "title": "Upgrade Report Viewer" }, - { - "description": "Readonly access to OS Config resources", - "etag": "AA==", - "has_undocumented": true, - "name": "roles/osconfig.viewer", - "title": "OS Config Viewer" - }, { "description": "Viewer of OS VulnerabilityReports", "etag": "AA==", @@ -10168,7 +10147,6 @@ "etag": "AA==", "has_dataaccess": true, "has_privesc": true, - "has_undocumented": true, "name": "roles/run.serviceAgent", "stage": "GA", "title": "Cloud Run Service Agent" @@ -10237,7 +10215,6 @@ { "description": "Service agent used by SecLM to access resources used by SecLM Workbenches.", "etag": "AA==", - "has_dataaccess": true, "has_undocumented": true, "name": "roles/seclm.serviceAgent", "stage": "GA", @@ -10843,7 +10820,6 @@ "etag": "AA==", "has_dataaccess": true, "has_privesc": true, - "has_undocumented": true, "name": "roles/serverless.serviceAgent", "stage": "GA", "title": "Cloud Run Service Agent" diff --git a/gcp/role_permissions.json b/gcp/role_permissions.json index 0bdcf6f03..c45bce483 100644 --- a/gcp/role_permissions.json +++ b/gcp/role_permissions.json @@ -5851,6 +5851,11 @@ "name": "Owner", "undocumented": false }, + { + "id": "roles/seclm.serviceAgent", + "name": "SecLM Service Agent", + "undocumented": true + }, { "id": "roles/spanner.serviceAgent", "name": "Cloud Spanner API Service Agent", @@ -33177,11 +33182,41 @@ "name": "Firebase Develop Admin", "undocumented": false }, + { + "id": "roles/firebase.developViewer", + "name": "Firebase Develop Viewer", + "undocumented": true + }, + { + "id": "roles/firebase.growthAdmin", + "name": "Firebase Grow Admin", + "undocumented": true + }, + { + "id": "roles/firebase.growthViewer", + "name": "Firebase Grow Viewer", + "undocumented": true + }, { "id": "roles/firebase.managementServiceAgent", "name": "Firebase Service Management Service Agent", "undocumented": false }, + { + "id": "roles/firebase.qualityAdmin", + "name": "Firebase Quality Admin", + "undocumented": true + }, + { + "id": "roles/firebase.qualityViewer", + "name": "Firebase Quality Viewer", + "undocumented": true + }, + { + "id": "roles/firebase.viewer", + "name": "Firebase Viewer", + "undocumented": true + }, { "id": "roles/owner", "name": "Owner", @@ -33256,16 +33291,46 @@ "name": "Firebase Develop Admin", "undocumented": false }, + { + "id": "roles/firebase.developViewer", + "name": "Firebase Develop Viewer", + "undocumented": true + }, + { + "id": "roles/firebase.growthAdmin", + "name": "Firebase Grow Admin", + "undocumented": true + }, + { + "id": "roles/firebase.growthViewer", + "name": "Firebase Grow Viewer", + "undocumented": true + }, { "id": "roles/firebase.managementServiceAgent", "name": "Firebase Service Management Service Agent", "undocumented": false }, + { + "id": "roles/firebase.qualityAdmin", + "name": "Firebase Quality Admin", + "undocumented": true + }, + { + "id": "roles/firebase.qualityViewer", + "name": "Firebase Quality Viewer", + "undocumented": true + }, { "id": "roles/firebase.sdkProvisioningServiceAgent", "name": "Firebase SDK Provisioning Service Agent", "undocumented": false }, + { + "id": "roles/firebase.viewer", + "name": "Firebase Viewer", + "undocumented": true + }, { "id": "roles/iam.securityAdmin", "name": "Security Admin", @@ -78599,7 +78664,7 @@ "cloudaicompanion.codeRepositoryIndexes.create": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -78616,7 +78681,7 @@ "cloudaicompanion.codeRepositoryIndexes.delete": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -78633,17 +78698,17 @@ "cloudaicompanion.codeRepositoryIndexes.get": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { "id": "roles/cloudaicompanion.repositoryGroupsUser", - "name": "Cloud AI Companion Repository Groups User", + "name": "Repository Groups User", "undocumented": false }, { @@ -78670,12 +78735,12 @@ "cloudaicompanion.codeRepositoryIndexes.list": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { @@ -78712,7 +78777,7 @@ "cloudaicompanion.codeRepositoryIndexes.update": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -78729,7 +78794,7 @@ "cloudaicompanion.companions.generateChat": [ { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78751,7 +78816,7 @@ "cloudaicompanion.companions.generateCode": [ { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78783,7 +78848,7 @@ }, { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78835,7 +78900,7 @@ "cloudaicompanion.instances.completeCode": [ { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78857,7 +78922,7 @@ "cloudaicompanion.instances.completeTask": [ { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78879,7 +78944,7 @@ "cloudaicompanion.instances.generateCode": [ { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78901,7 +78966,7 @@ "cloudaicompanion.instances.generateText": [ { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -78923,7 +78988,7 @@ "cloudaicompanion.operations.cancel": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -78940,7 +79005,7 @@ "cloudaicompanion.operations.delete": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -78957,12 +79022,12 @@ "cloudaicompanion.operations.get": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { @@ -78984,12 +79049,12 @@ "cloudaicompanion.operations.list": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { @@ -79021,7 +79086,7 @@ "cloudaicompanion.repositoryGroups.create": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -79038,7 +79103,7 @@ "cloudaicompanion.repositoryGroups.delete": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -79055,17 +79120,17 @@ "cloudaicompanion.repositoryGroups.get": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { "id": "roles/cloudaicompanion.repositoryGroupsUser", - "name": "Cloud AI Companion Repository Groups User", + "name": "Repository Groups User", "undocumented": false }, { @@ -79092,17 +79157,17 @@ "cloudaicompanion.repositoryGroups.getIamPolicy": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { "id": "roles/cloudaicompanion.repositoryGroupsUser", - "name": "Cloud AI Companion Repository Groups User", + "name": "Repository Groups User", "undocumented": false }, { @@ -79139,12 +79204,12 @@ "cloudaicompanion.repositoryGroups.list": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { @@ -79181,7 +79246,7 @@ "cloudaicompanion.repositoryGroups.setIamPolicy": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -79198,7 +79263,7 @@ "cloudaicompanion.repositoryGroups.update": [ { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { @@ -79215,7 +79280,7 @@ "cloudaicompanion.repositoryGroups.use": [ { "id": "roles/cloudaicompanion.repositoryGroupsUser", - "name": "Cloud AI Companion Repository Groups User", + "name": "Repository Groups User", "undocumented": false }, { @@ -118263,6 +118328,11 @@ "name": "Cloud KMS Admin", "undocumented": false }, + { + "id": "roles/cloudkms.autokeyUser", + "name": "Cloud KMS Autokey User", + "undocumented": true + }, { "id": "roles/cloudkms.viewer", "name": "Cloud KMS Viewer", @@ -182268,16 +182338,6 @@ "name": "Owner", "undocumented": false }, - { - "id": "roles/run.serviceAgent", - "name": "Cloud Run Service Agent", - "undocumented": true - }, - { - "id": "roles/serverless.serviceAgent", - "name": "Cloud Run Service Agent", - "undocumented": true - }, { "id": "roles/servicenetworking.serviceAgent", "name": "Service Networking Service Agent", @@ -212537,16 +212597,6 @@ "name": "Owner", "undocumented": false }, - { - "id": "roles/run.serviceAgent", - "name": "Cloud Run Service Agent", - "undocumented": true - }, - { - "id": "roles/serverless.serviceAgent", - "name": "Cloud Run Service Agent", - "undocumented": true - }, { "id": "roles/tpu.xpnAgent", "name": "TPU Shared VPC Agent", @@ -270153,6 +270203,16 @@ "name": "DataCatalog Entry Viewer", "undocumented": false }, + { + "id": "roles/datacatalog.glossaryOwner", + "name": "DataCatalog Glossary Owner", + "undocumented": true + }, + { + "id": "roles/datacatalog.glossaryUser", + "name": "DataCatalog Glossary User", + "undocumented": true + }, { "id": "roles/datacatalog.searchAdmin", "name": "DataCatalog Search Admin", @@ -289992,6 +290052,11 @@ } ], "discoveryengine.collections.list": [ + { + "id": "roles/dialogflow.serviceAgent", + "name": "Dialogflow Service Agent", + "undocumented": true + }, { "id": "roles/discoveryengine.admin", "name": "Discovery Engine Admin", @@ -290552,6 +290617,11 @@ } ], "discoveryengine.dataStores.list": [ + { + "id": "roles/dialogflow.serviceAgent", + "name": "Dialogflow Service Agent", + "undocumented": true + }, { "id": "roles/discoveryengine.admin", "name": "Discovery Engine Admin", @@ -290893,6 +290963,11 @@ } ], "discoveryengine.engines.create": [ + { + "id": "roles/dialogflow.serviceAgent", + "name": "Dialogflow Service Agent", + "undocumented": true + }, { "id": "roles/discoveryengine.admin", "name": "Discovery Engine Admin", @@ -291077,6 +291152,11 @@ } ], "discoveryengine.engines.update": [ + { + "id": "roles/dialogflow.serviceAgent", + "name": "Dialogflow Service Agent", + "undocumented": true + }, { "id": "roles/discoveryengine.admin", "name": "Discovery Engine Admin", @@ -352334,6 +352414,11 @@ "name": "Metastore Federation Accessor", "undocumented": false }, + { + "id": "roles/metastore.serviceAgent", + "name": "Dataproc Metastore Service Agent", + "undocumented": true + }, { "id": "roles/owner", "name": "Owner", @@ -376501,6 +376586,16 @@ } ], "observability.scopes.get": [ + { + "id": "roles/cloudtrace.admin", + "name": "Cloud Trace Admin", + "undocumented": true + }, + { + "id": "roles/cloudtrace.user", + "name": "Cloud Trace User", + "undocumented": true + }, { "id": "roles/composer.serviceAgent", "name": "Cloud Composer API Service Agent", @@ -379606,6 +379701,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedkafka.serviceAgent", + "name": "Managed Kafka Service Agent", + "undocumented": true + }, { "id": "roles/owner", "name": "Owner", @@ -407393,17 +407493,17 @@ }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -413007,17 +413107,17 @@ }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", - "name": "Cloud AI Companion Code Repository Indexes Admin", + "name": "Code Repository Indexes Admin", "undocumented": false }, { "id": "roles/cloudaicompanion.codeRepositoryIndexesViewer", - "name": "Cloud AI Companion Code Repository Indexes Viewer", + "name": "Code Repository Indexes Viewer", "undocumented": false }, { "id": "roles/cloudaicompanion.user", - "name": "Cloud AI Companion User", + "name": "Gemini for Google Cloud User", "undocumented": false }, { @@ -447094,11 +447194,6 @@ "name": "Serverless Integrations Service Agent", "undocumented": false }, - { - "id": "roles/seclm.serviceAgent", - "name": "SecLM Service Agent", - "undocumented": false - }, { "id": "roles/securedlandingzone.bqdwProjectRemediator", "name": "SLZ BQDW Blueprint Project Level Remediator", @@ -447590,11 +447685,6 @@ "name": "Cloud Run Source Developer", "undocumented": false }, - { - "id": "roles/seclm.serviceAgent", - "name": "SecLM Service Agent", - "undocumented": false - }, { "id": "roles/securedlandingzone.bqdwProjectRemediator", "name": "SLZ BQDW Blueprint Project Level Remediator", @@ -450731,11 +450821,6 @@ "name": "Serverless Integrations Service Agent", "undocumented": false }, - { - "id": "roles/seclm.serviceAgent", - "name": "SecLM Service Agent", - "undocumented": false - }, { "id": "roles/serverless.serviceAgent", "name": "Cloud Run Service Agent", @@ -451390,11 +451475,6 @@ "name": "Serverless Integrations Service Agent", "undocumented": false }, - { - "id": "roles/seclm.serviceAgent", - "name": "SecLM Service Agent", - "undocumented": false - }, { "id": "roles/serverless.serviceAgent", "name": "Cloud Run Service Agent", diff --git a/gcp/roles/apigee.deploymentInvoker.json b/gcp/roles/apigee.deploymentInvoker.json index 733d63573..a55bdfaf5 100644 --- a/gcp/roles/apigee.deploymentInvoker.json +++ b/gcp/roles/apigee.deploymentInvoker.json @@ -5,6 +5,6 @@ "apigee.deployments.invoke" ], "name": "roles/apigee.deploymentInvoker", - "stage": "ALPHA", + "stage": "GA", "title": "Apigee Deployment Invoker" } diff --git a/gcp/roles/cloudaicompanion.codeRepositoryIndexesAdmin.json b/gcp/roles/cloudaicompanion.codeRepositoryIndexesAdmin.json index 0b5128a16..7c3a109f2 100644 --- a/gcp/roles/cloudaicompanion.codeRepositoryIndexesAdmin.json +++ b/gcp/roles/cloudaicompanion.codeRepositoryIndexesAdmin.json @@ -23,5 +23,5 @@ ], "name": "roles/cloudaicompanion.codeRepositoryIndexesAdmin", "stage": "BETA", - "title": "Cloud AI Companion Code Repository Indexes Admin" + "title": "Code Repository Indexes Admin" } diff --git a/gcp/roles/cloudaicompanion.codeRepositoryIndexesViewer.json b/gcp/roles/cloudaicompanion.codeRepositoryIndexesViewer.json index 137c3bbb7..5fad2c373 100644 --- a/gcp/roles/cloudaicompanion.codeRepositoryIndexesViewer.json +++ b/gcp/roles/cloudaicompanion.codeRepositoryIndexesViewer.json @@ -14,5 +14,5 @@ ], "name": "roles/cloudaicompanion.codeRepositoryIndexesViewer", "stage": "BETA", - "title": "Cloud AI Companion Code Repository Indexes Viewer" + "title": "Code Repository Indexes Viewer" } diff --git a/gcp/roles/cloudaicompanion.repositoryGroupsUser.json b/gcp/roles/cloudaicompanion.repositoryGroupsUser.json index 7b68820e2..7387987b2 100644 --- a/gcp/roles/cloudaicompanion.repositoryGroupsUser.json +++ b/gcp/roles/cloudaicompanion.repositoryGroupsUser.json @@ -9,5 +9,5 @@ ], "name": "roles/cloudaicompanion.repositoryGroupsUser", "stage": "BETA", - "title": "Cloud AI Companion Repository Groups User" + "title": "Repository Groups User" } diff --git a/gcp/roles/cloudaicompanion.user.json b/gcp/roles/cloudaicompanion.user.json index 97899a807..1fc55de60 100644 --- a/gcp/roles/cloudaicompanion.user.json +++ b/gcp/roles/cloudaicompanion.user.json @@ -1,5 +1,5 @@ { - "description": "A user who can receive assistance from Cloud AI Companion", + "description": "A user who can use Gemini for Google Cloud", "etag": "AA==", "includedPermissions": [ "cloudaicompanion.companions.generateChat", @@ -14,5 +14,5 @@ ], "name": "roles/cloudaicompanion.user", "stage": "BETA", - "title": "Cloud AI Companion User" + "title": "Gemini for Google Cloud User" } diff --git a/gcp/roles/cloudkms.autokeyUser.json b/gcp/roles/cloudkms.autokeyUser.json index 916ed187b..642f3ee36 100644 --- a/gcp/roles/cloudkms.autokeyUser.json +++ b/gcp/roles/cloudkms.autokeyUser.json @@ -5,6 +5,7 @@ "cloudkms.keyHandles.create", "cloudkms.keyHandles.get", "cloudkms.keyHandles.list", + "cloudkms.operations.get", "cloudkms.projects.showEffectiveAutokeyConfig" ], "name": "roles/cloudkms.autokeyUser", diff --git a/gcp/roles/cloudtrace.admin.json b/gcp/roles/cloudtrace.admin.json index 556c5e9b1..67f4d2432 100644 --- a/gcp/roles/cloudtrace.admin.json +++ b/gcp/roles/cloudtrace.admin.json @@ -12,6 +12,7 @@ "cloudtrace.traces.get", "cloudtrace.traces.list", "cloudtrace.traces.patch", + "observability.scopes.get", "resourcemanager.projects.get", "resourcemanager.projects.list" ], diff --git a/gcp/roles/cloudtrace.user.json b/gcp/roles/cloudtrace.user.json index 2a083dae7..268b87831 100644 --- a/gcp/roles/cloudtrace.user.json +++ b/gcp/roles/cloudtrace.user.json @@ -11,6 +11,7 @@ "cloudtrace.tasks.list", "cloudtrace.traces.get", "cloudtrace.traces.list", + "observability.scopes.get", "resourcemanager.projects.get", "resourcemanager.projects.list" ], diff --git a/gcp/roles/datacatalog.glossaryOwner.json b/gcp/roles/datacatalog.glossaryOwner.json index 3e5a511cf..8bb9c50d8 100644 --- a/gcp/roles/datacatalog.glossaryOwner.json +++ b/gcp/roles/datacatalog.glossaryOwner.json @@ -31,7 +31,8 @@ "datacatalog.relationships.deleteIsDescribedBy", "datacatalog.relationships.deleteIsRelatedTo", "datacatalog.relationships.deleteIsSynonymousTo", - "datacatalog.relationships.list" + "datacatalog.relationships.list", + "dataplex.projects.search" ], "name": "roles/datacatalog.glossaryOwner", "stage": "BETA", diff --git a/gcp/roles/datacatalog.glossaryUser.json b/gcp/roles/datacatalog.glossaryUser.json index b510dacab..edc231099 100644 --- a/gcp/roles/datacatalog.glossaryUser.json +++ b/gcp/roles/datacatalog.glossaryUser.json @@ -14,7 +14,8 @@ "datacatalog.relationships.deleteIsDescribedBy", "datacatalog.relationships.deleteIsRelatedTo", "datacatalog.relationships.deleteIsSynonymousTo", - "datacatalog.relationships.list" + "datacatalog.relationships.list", + "dataplex.projects.search" ], "name": "roles/datacatalog.glossaryUser", "stage": "BETA", diff --git a/gcp/roles/dialogflow.serviceAgent.json b/gcp/roles/dialogflow.serviceAgent.json index 546d2d326..f7f003071 100644 --- a/gcp/roles/dialogflow.serviceAgent.json +++ b/gcp/roles/dialogflow.serviceAgent.json @@ -102,8 +102,12 @@ "dialogflow.versions.list", "dialogflow.webhooks.get", "dialogflow.webhooks.list", + "discoveryengine.collections.list", + "discoveryengine.dataStores.list", + "discoveryengine.engines.create", "discoveryengine.engines.delete", "discoveryengine.engines.get", + "discoveryengine.engines.update", "discoveryengine.servingConfigs.search", "dlp.deidentifyTemplates.get", "dlp.deidentifyTemplates.list", diff --git a/gcp/roles/firebase.developViewer.json b/gcp/roles/firebase.developViewer.json index 4acf3f2c3..f24e8133e 100644 --- a/gcp/roles/firebase.developViewer.json +++ b/gcp/roles/firebase.developViewer.json @@ -2,6 +2,8 @@ "description": "Read access to Firebase Develop products and Analytics.", "etag": "AA==", "includedPermissions": [ + "apikeys.keys.get", + "apikeys.keys.list", "automl.annotationSpecs.get", "automl.annotationSpecs.list", "automl.annotations.list", diff --git a/gcp/roles/firebase.growthAdmin.json b/gcp/roles/firebase.growthAdmin.json index 6d51d95a5..9209ae44a 100644 --- a/gcp/roles/firebase.growthAdmin.json +++ b/gcp/roles/firebase.growthAdmin.json @@ -2,6 +2,8 @@ "description": "Full access to Firebase Grow products and Analytics.", "etag": "AA==", "includedPermissions": [ + "apikeys.keys.get", + "apikeys.keys.list", "clientauthconfig.clients.get", "clientauthconfig.clients.list", "cloudconfig.configs.get", diff --git a/gcp/roles/firebase.growthViewer.json b/gcp/roles/firebase.growthViewer.json index eecc38dc6..91e141a80 100644 --- a/gcp/roles/firebase.growthViewer.json +++ b/gcp/roles/firebase.growthViewer.json @@ -2,6 +2,8 @@ "description": "Read access to Firebase Grow products and Analytics.", "etag": "AA==", "includedPermissions": [ + "apikeys.keys.get", + "apikeys.keys.list", "cloudconfig.configs.get", "cloudnotifications.activities.list", "fcmdata.deliverydata.list", diff --git a/gcp/roles/firebase.qualityAdmin.json b/gcp/roles/firebase.qualityAdmin.json index 5e740b2ad..cb5df5d9c 100644 --- a/gcp/roles/firebase.qualityAdmin.json +++ b/gcp/roles/firebase.qualityAdmin.json @@ -2,6 +2,8 @@ "description": "Full access to Firebase Quality products and Analytics.", "etag": "AA==", "includedPermissions": [ + "apikeys.keys.get", + "apikeys.keys.list", "cloudnotifications.activities.list", "firebase.billingPlans.get", "firebase.clients.get", diff --git a/gcp/roles/firebase.qualityViewer.json b/gcp/roles/firebase.qualityViewer.json index 5cc7fdccb..98b7908de 100644 --- a/gcp/roles/firebase.qualityViewer.json +++ b/gcp/roles/firebase.qualityViewer.json @@ -2,6 +2,8 @@ "description": "Read access to Firebase Quality products and Analytics.", "etag": "AA==", "includedPermissions": [ + "apikeys.keys.get", + "apikeys.keys.list", "cloudnotifications.activities.list", "firebase.billingPlans.get", "firebase.clients.get", diff --git a/gcp/roles/firebase.viewer.json b/gcp/roles/firebase.viewer.json index cfe451343..8e005ebf3 100644 --- a/gcp/roles/firebase.viewer.json +++ b/gcp/roles/firebase.viewer.json @@ -2,6 +2,8 @@ "description": "Read-only access to Firebase products.", "etag": "AA==", "includedPermissions": [ + "apikeys.keys.get", + "apikeys.keys.list", "automl.annotationSpecs.get", "automl.annotationSpecs.list", "automl.annotations.list", diff --git a/gcp/roles/managedkafka.serviceAgent.json b/gcp/roles/managedkafka.serviceAgent.json index 345ae86fc..cb367dd8f 100644 --- a/gcp/roles/managedkafka.serviceAgent.json +++ b/gcp/roles/managedkafka.serviceAgent.json @@ -30,6 +30,7 @@ "dns.resourceRecordSets.list", "dns.resourceRecordSets.update", "managedkafka.clusters.connect", + "privateca.caPools.get", "servicedirectory.namespaces.create", "servicedirectory.services.create", "servicedirectory.services.delete" diff --git a/gcp/roles/metastore.serviceAgent.json b/gcp/roles/metastore.serviceAgent.json index bd74fa9ba..2de486f67 100644 --- a/gcp/roles/metastore.serviceAgent.json +++ b/gcp/roles/metastore.serviceAgent.json @@ -41,6 +41,7 @@ "metastore.databases.get", "metastore.databases.setIamPolicy", "metastore.databases.update", + "metastore.federations.use", "metastore.services.get", "metastore.tables.get", "metastore.tables.setIamPolicy", diff --git a/gcp/roles/run.serviceAgent.json b/gcp/roles/run.serviceAgent.json index a02d791d9..003cdd8a5 100644 --- a/gcp/roles/run.serviceAgent.json +++ b/gcp/roles/run.serviceAgent.json @@ -41,10 +41,8 @@ "compute.globalOperations.get", "compute.networks.access", "compute.networks.get", - "compute.regionOperations.get", "compute.subnetworks.get", "compute.subnetworks.use", - "compute.zoneOperations.get", "iam.serviceAccounts.actAs", "iam.serviceAccounts.getAccessToken", "iam.serviceAccounts.getOpenIdToken", diff --git a/gcp/roles/seclm.serviceAgent.json b/gcp/roles/seclm.serviceAgent.json index 01c0b3d0c..ed091a441 100644 --- a/gcp/roles/seclm.serviceAgent.json +++ b/gcp/roles/seclm.serviceAgent.json @@ -2,15 +2,12 @@ "description": "Service agent used by SecLM to access resources used by SecLM Workbenches.", "etag": "AA==", "includedPermissions": [ + "aiplatform.endpoints.predict", "aiplatform.locations.get", "discoveryengine.dataStores.completeQuery", "discoveryengine.dataStores.get", "discoveryengine.dataStores.list", - "discoveryengine.servingConfigs.search", - "storage.buckets.get", - "storage.buckets.list", - "storage.objects.get", - "storage.objects.list" + "discoveryengine.servingConfigs.search" ], "name": "roles/seclm.serviceAgent", "stage": "GA", diff --git a/gcp/roles/serverless.serviceAgent.json b/gcp/roles/serverless.serviceAgent.json index 34b8d0eb3..5e798ea03 100644 --- a/gcp/roles/serverless.serviceAgent.json +++ b/gcp/roles/serverless.serviceAgent.json @@ -40,10 +40,8 @@ "compute.globalOperations.get", "compute.networks.access", "compute.networks.get", - "compute.regionOperations.get", "compute.subnetworks.get", "compute.subnetworks.use", - "compute.zoneOperations.get", "iam.serviceAccounts.actAs", "iam.serviceAccounts.getAccessToken", "iam.serviceAccounts.getOpenIdToken", diff --git a/gcp/tags.json b/gcp/tags.json index 80f661083..f8389f3da 100644 --- a/gcp/tags.json +++ b/gcp/tags.json @@ -1,137 +1,137 @@ { "iam": { "CredentialExposure": [ - "iam.serviceAccountKeys.create", - "cloudfunctions.functions.create", + "compute.instances.create", "cloudfunctions.functions.sourceCodeSet", - "compute.instances.osAdminLogin", - "bigquery.connections.get", "cloudfunctions.functions.update", - "compute.instances.create" + "bigquery.connections.get", + "compute.instances.osAdminLogin", + "iam.serviceAccountKeys.create", + "cloudfunctions.functions.create" ], "DataAccess": [ - "appengine.memcache.get", - "pubsub.subscriptions.consume", - "container.services.proxy", - "datastore.entities.get", - "appengine.instances.enableDebug", - "bigquery.models.export", - "appengine.memcache.list", - "pubsub.topics.attachSubscription", - "pubsub.snapshots.seek", - "compute.instances.osLogin", - "storage.objects.get", - "cloudfunctions.functions.invoke", - "bigquery.tables.export", + "cloudfunctions.functions.call", "compute.images.create", - "cloudfunctions.functions.create", - "bigquery.models.getData", - "container.replicaSets.update", - "container.jobs.update", - "bigquery.connections.use", - "container.jobs.create", - "container.statefulSets.create", + "bigquery.tables.getData", "cloudfunctions.functions.sourceCodeSet", - "cloudfunctions.functions.call", "container.replicaSets.create", - "container.pods.create", - "compute.instances.osAdminLogin", - "container.statefulSets.update", - "cloudfunctions.functions.update", + "container.jobs.create", + "bigquery.rowAccessPolicies.getFilteredData", + "appengine.memcache.get", + "bigquery.tables.export", + "bigquery.models.getData", "compute.instances.getSerialPortOutput", + "appengine.memcache.getKey", "compute.instances.getGuestAttributes", "compute.instances.getScreenshot", - "bigquery.rowAccessPolicies.overrideTimeTravelRestrictions", - "bigquery.rowAccessPolicies.getFilteredData", - "bigquery.tables.getData", + "compute.instances.osAdminLogin", "container.deployments.update", + "pubsub.subscriptions.consume", + "bigquery.rowAccessPolicies.overrideTimeTravelRestrictions", + "appengine.instances.enableDebug", + "container.services.proxy", + "pubsub.topics.attachSubscription", + "appengine.memcache.list", + "bigquery.models.export", + "compute.instances.osLogin", + "storage.objects.get", "container.deployments.create", - "appengine.memcache.getKey" + "datastore.entities.get", + "container.statefulSets.update", + "cloudfunctions.functions.update", + "bigquery.connections.use", + "container.jobs.update", + "container.pods.create", + "container.replicaSets.update", + "cloudfunctions.functions.invoke", + "container.statefulSets.create", + "pubsub.snapshots.seek", + "cloudfunctions.functions.create" ], "PrivEsc": [ - "compute.instances.setIamPolicy", - "bigquery.dataPolicies.setIamPolicy", - "compute.firewallPolicies.setIamPolicy", - "compute.instances.createTagBinding", - "pubsub.schemas.setIamPolicy", - "bigquery.rowAccessPolicies.setIamPolicy", + "container.roles.escalate", + "container.clusterRoles.bind", + "compute.backendServices.addSignedUrlKey", + "container.roles.update", + "container.clusterRoleBindings.update", + "domains.registrations.createTagBinding", + "cloudbuild.builds.create", "bigquery.datasets.createTagBinding", - "compute.disks.deleteTagBinding", + "container.clusters.createTagBinding", + "compute.instances.createTagBinding", + "pubsub.topics.setIamPolicy", + "iam.serviceAccounts.getAccessToken", "bigquery.tables.setIamPolicy", - "iam.serviceAccountKeys.enable", - "dns.policies.setIamPolicy", - "domains.registrations.deleteTagBinding", - "container.pods.exec", + "compute.disks.createTagBinding", + "container.clusters.deleteTagBinding", "compute.images.createTagBinding", - "compute.disks.setIamPolicy", - "bigquery.datasets.updateTag", + "bigquery.datasets.setIamPolicy", + "dns.managedZones.setIamPolicy", + "compute.instances.addAccessConfig", "compute.backendServices.update", - "container.roles.update", + "pubsub.schemas.setIamPolicy", + "pubsub.snapshots.setIamPolicy", + "bigquery.rowAccessPolicies.setIamPolicy", + "compute.instances.setIamPolicy", + "iam.serviceAccountKeys.enable", + "storage.buckets.deleteTagBinding", + "compute.backendBuckets.setSecurityPolicy", + "container.roleBindings.create", + "bigquery.dataPolicies.setIamPolicy", + "compute.instances.updateNetworkInterface", + "compute.backendBuckets.update", + "resourcemanager.projects.setIamPolicy", "compute.globalNetworkEndpointGroups.setIamPolicy", - "bigquery.datasets.setIamPolicy", - "storage.buckets.setIamPolicy", - "container.clusterRoles.escalate", + "container.roleBindings.update", + "iam.roles.update", + "bigquery.tables.updateTag", + "container.roles.bind", + "compute.disks.deleteTagBinding", + "bigquery.tables.setCategory", + "compute.instances.use", + "bigquery.datasets.deleteTagBinding", "compute.backendServices.setSecurityPolicy", - "compute.backendServices.addSignedUrlKey", - "iam.serviceAccounts.getAccessToken", - "compute.backendBuckets.addSignedUrlKey", - "compute.instances.updateNetworkInterface", - "billing.accounts.setIamPolicy", - "compute.backendServices.setIamPolicy", - "container.roles.escalate", - "container.serviceAccounts.createToken", + "iam.serviceAccounts.setIamPolicy", + "compute.images.setIamPolicy", + "bigquery.datasets.updateTag", "iam.serviceAccounts.getOpenIdToken", - "pubsub.topics.setIamPolicy", - "storage.buckets.deleteTagBinding", - "compute.backendBuckets.update", - "domains.registrations.setIamPolicy", - "storage.objects.setIamPolicy", - "bigquery.connections.setIamPolicy", - "cloudfunctions.functions.setIamPolicy", "container.clusterRoleBindings.create", - "pubsub.topics.updateTag", - "compute.instances.deleteTagBinding", - "compute.backendBuckets.setIamPolicy", - "container.secrets.get", "compute.networkEndpointGroups.setIamPolicy", - "compute.instances.addAccessConfig", - "container.clusterRoleBindings.update", - "container.roleBindings.update", - "container.clusterRoles.bind", + "compute.instances.deleteTagBinding", "resourcemanager.tagkeys.setIamPolicy", - "compute.backendBuckets.setSecurityPolicy", - "iam.serviceAccounts.signJwt", - "compute.instances.useReadOnly", - "container.clusters.createTagBinding", - "pubsub.snapshots.setIamPolicy", - "container.roles.bind", - "container.nodes.proxy", - "iam.serviceAccounts.signBlob", - "resourcemanager.projects.setIamPolicy", + "dns.policies.setIamPolicy", + "domains.registrations.setIamPolicy", "container.clusterRoles.update", - "secretmanager.secrets.setIamPolicy", - "storage.buckets.createTagBinding", + "pubsub.topics.updateTag", + "bigquery.connections.setIamPolicy", + "domains.registrations.deleteTagBinding", + "compute.backendServices.setIamPolicy", + "container.secrets.get", "compute.images.deleteTagBinding", - "compute.images.setIamPolicy", - "dns.managedZones.setIamPolicy", - "compute.instances.updateAccessConfig", - "domains.registrations.createTagBinding", + "container.pods.exec", "resourcemanager.tagvalues.setIamPolicy", + "iam.serviceAccounts.signBlob", + "container.nodes.proxy", + "cloudbuild.connections.setIamPolicy", + "compute.backendBuckets.setIamPolicy", + "storage.objects.setIamPolicy", + "container.serviceAccounts.createToken", + "iam.serviceAccounts.implicitDelegation", + "billing.accounts.setIamPolicy", "iam.serviceAccounts.actAs", - "iam.serviceAccounts.setIamPolicy", - "bigquery.tables.updateTag", - "iam.roles.update", + "compute.backendBuckets.addSignedUrlKey", + "compute.firewallPolicies.setIamPolicy", "pubsub.subscriptions.setIamPolicy", - "bigquery.tables.setCategory", - "iam.serviceAccounts.implicitDelegation", - "compute.instances.use", - "bigquery.datasets.deleteTagBinding", + "iam.serviceAccounts.signJwt", + "compute.instances.updateAccessConfig", + "compute.disks.setIamPolicy", + "cloudfunctions.functions.setIamPolicy", "container.secrets.list", - "container.clusters.deleteTagBinding", - "cloudbuild.connections.setIamPolicy", - "container.roleBindings.create", - "compute.disks.createTagBinding", - "cloudbuild.builds.create" + "storage.buckets.setIamPolicy", + "storage.buckets.createTagBinding", + "secretmanager.secrets.setIamPolicy", + "compute.instances.useReadOnly", + "container.clusterRoles.escalate" ] } } \ No newline at end of file diff --git a/util/aws_js/iam_definition.json b/util/aws_js/iam_definition.json index 627d02a37..e82624022 100644 --- a/util/aws_js/iam_definition.json +++ b/util/aws_js/iam_definition.json @@ -4202,7 +4202,9 @@ "resource_types": [ { "condition_keys": [], - "dependent_actions": [], + "dependent_actions": [ + "s3:ListAllMyBuckets" + ], "resource_type": "" } ] @@ -148054,6 +148056,20 @@ } ] }, + { + "access_level": "Write", + "description": "Grants permission to associate SBOM files to a package version", + "privilege": "AssociateSbomWithPackageVersion", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [ + "iot:GetIndexingConfiguration" + ], + "resource_type": "packageversion*" + } + ] + }, { "access_level": "Write", "description": "Grants permission to associate a group with a continuous job", @@ -148628,7 +148644,8 @@ { "condition_keys": [], "dependent_actions": [ - "iot:GetIndexingConfiguration" + "iot:GetIndexingConfiguration", + "s3:GetObjectVersion" ], "resource_type": "package*" }, @@ -149863,6 +149880,18 @@ } ] }, + { + "access_level": "Write", + "description": "Grants permission to disassociate SBOM files from a package version", + "privilege": "DisassociateSbomFromPackageVersion", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "packageversion*" + } + ] + }, { "access_level": "Write", "description": "Grants permission to enable the specified rule", @@ -150641,6 +150670,18 @@ } ] }, + { + "access_level": "List", + "description": "Grants permission to list SBOM validation results of a package version", + "privilege": "ListSbomValidationResults", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "packageversion*" + } + ] + }, { "access_level": "List", "description": "Grants permission to list all of your scheduled audits", @@ -151889,7 +151930,8 @@ { "condition_keys": [], "dependent_actions": [ - "iot:GetIndexingConfiguration" + "iot:GetIndexingConfiguration", + "s3:GetObjectVersion" ], "resource_type": "package*" }, @@ -241535,6 +241577,16 @@ "condition": "s3express:x-amz-content-sha256", "description": "Filters access by unsigned content in your bucket", "type": "String" + }, + { + "condition": "s3express:x-amz-server-side-encryption", + "description": "Filters access by server-side encryption", + "type": "String" + }, + { + "condition": "s3express:x-amz-server-side-encryption-aws-kms-key-id", + "description": "Filters access by AWS KMS customer managed key for server-side encryption", + "type": "ARN" } ], "prefix": "s3express", @@ -241556,7 +241608,9 @@ "s3express:ResourceAccount", "s3express:signatureversion", "s3express:TlsVersion", - "s3express:x-amz-content-sha256" + "s3express:x-amz-content-sha256", + "s3express:x-amz-server-side-encryption", + "s3express:x-amz-server-side-encryption-aws-kms-key-id" ], "dependent_actions": [], "resource_type": "" @@ -241657,6 +241711,29 @@ } ] }, + { + "access_level": "Read", + "description": "Grants permission to return the default encryption configuration for a directory bucket", + "privilege": "GetEncryptionConfiguration", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "bucket*" + }, + { + "condition_keys": [ + "s3express:authType", + "s3express:ResourceAccount", + "s3express:signatureversion", + "s3express:TlsVersion", + "s3express:x-amz-content-sha256" + ], + "dependent_actions": [], + "resource_type": "" + } + ] + }, { "access_level": "List", "description": "Grants permission to list all directory buckets owned by the authenticated sender of the request", @@ -241697,6 +241774,29 @@ "resource_type": "" } ] + }, + { + "access_level": "Write", + "description": "Grants permission to set the encryption configuration for a directory bucket", + "privilege": "PutEncryptionConfiguration", + "resource_types": [ + { + "condition_keys": [], + "dependent_actions": [], + "resource_type": "bucket*" + }, + { + "condition_keys": [ + "s3express:authType", + "s3express:ResourceAccount", + "s3express:signatureversion", + "s3express:TlsVersion", + "s3express:x-amz-content-sha256" + ], + "dependent_actions": [], + "resource_type": "" + } + ] } ], "resources": [