From 781f765059bfbb66d76697c08c19ca174d69cc6f Mon Sep 17 00:00:00 2001 From: "Ian Mckay [bot]" Date: Sun, 18 Aug 2024 14:08:57 +0000 Subject: [PATCH] Update SAR data --- aws/historic_counts.json | 8 + azure/built-in-roles-raw.json | 2002 +- azure/built-in-roles.json | 31120 +++++++++------- azure/provider-operations.json | 534 +- gcp/map.json | 244 +- gcp/predefined_roles.json | 5 +- gcp/role_permissions.json | 692 +- ...rtifactregistry.createOnPushRepoAdmin.json | 3 + .../artifactregistry.createOnPushWriter.json | 2 + gcp/roles/backupdr.backupvaultAdmin.json | 2 + gcp/roles/backupdr.user.json | 2 + gcp/roles/beyondcorp.admin.json | 2 + gcp/roles/cloudbuild.serviceAgent.json | 2 + gcp/roles/cloudkms.admin.json | 1 + gcp/roles/composer.worker.json | 3 + gcp/roles/datacatalog.dataSteward.json | 1 + gcp/roles/dataflow.serviceAgent.json | 2 + gcp/roles/dataform.viewer.json | 1 + gcp/roles/dataplex.serviceAgent.json | 2 + gcp/roles/discoveryengine.admin.json | 2 + gcp/roles/discoveryengine.editor.json | 1 + gcp/roles/iam.securityAdmin.json | 10 + gcp/roles/iam.securityReviewer.json | 10 + gcp/roles/managedflink.admin.json | 16 + gcp/roles/networkmanagement.admin.json | 9 +- gcp/roles/owner.json | 67 +- gcp/tags.json | 194 +- 27 files changed, 19299 insertions(+), 15638 deletions(-) diff --git a/aws/historic_counts.json b/aws/historic_counts.json index 1cd88d6c1..af31d0689 100644 --- a/aws/historic_counts.json +++ b/aws/historic_counts.json @@ -6147,6 +6147,10 @@ { "count": 15500, "date": "2024-08-17T13:43:18" + }, + { + "count": 15500, + "date": "2024-08-18T14:08:52" } ], "iam": [ @@ -10889,6 +10893,10 @@ { "count": 17111, "date": "2024-08-17T13:43:18" + }, + { + "count": 17111, + "date": "2024-08-18T14:08:52" } ] } \ No newline at end of file diff --git a/azure/built-in-roles-raw.json b/azure/built-in-roles-raw.json index c08f8bf76..2f1819a9a 100644 --- a/azure/built-in-roles-raw.json +++ b/azure/built-in-roles-raw.json @@ -10170,12 +10170,10 @@ "assignableScopes": [ "/" ], - "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", + "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", "permissions": [ { "actions": [ - "microsoft.scvmm/virtualmachines/*", - "microsoft.scvmm/virtualMachineInstances/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10201,37 +10199,15 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", + "microsoft.scvmm/virtualnetworks/join/action", + "microsoft.scvmm/virtualnetworks/Read", + "microsoft.scvmm/virtualmachinetemplates/clone/action", + "microsoft.scvmm/virtualmachinetemplates/Read", + "microsoft.scvmm/clouds/deploy/action", + "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete" + "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" ], "condition": null, "conditionVersion": null, @@ -10240,7 +10216,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm VM Contributor", + "roleName": "Azure Arc ScVmm Private Cloud User", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10248,11 +10224,12 @@ "assignableScopes": [ "/" ], - "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", + "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", "permissions": [ { "actions": [ - "Microsoft.ScVmm/*", + "microsoft.scvmm/virtualmachines/*", + "microsoft.scvmm/virtualMachineInstances/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10317,7 +10294,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm Administrator role", + "roleName": "Azure Arc ScVmm VM Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10375,10 +10352,11 @@ "assignableScopes": [ "/" ], - "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", + "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", "permissions": [ { "actions": [ + "Microsoft.ScVmm/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -10404,15 +10382,37 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", - "microsoft.scvmm/virtualnetworks/join/action", - "microsoft.scvmm/virtualnetworks/Read", - "microsoft.scvmm/virtualmachinetemplates/clone/action", - "microsoft.scvmm/virtualmachinetemplates/Read", - "microsoft.scvmm/clouds/deploy/action", - "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete" ], "condition": null, "conditionVersion": null, @@ -10421,7 +10421,7 @@ "notDataActions": [] } ], - "roleName": "Azure Arc ScVmm Private Cloud User", + "roleName": "Azure Arc ScVmm Administrator role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10429,27 +10429,32 @@ "assignableScopes": [ "/" ], - "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", + "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/delete", - "Microsoft.HDInsight/clusterPools/read", - "Microsoft.HDInsight/clusterPools/write", - "Microsoft.HDInsight/clusterpools/availableupgrades/read", - "Microsoft.HDInsight/clusterpools/upgrade/action", - "Microsoft.HDInsight/clusterPools/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/delete", + "Microsoft.HDInsight/clusterPools/clusters/resize/action", + "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", + "Microsoft.HDInsight/clusterPools/clusters/jobs/read", + "Microsoft.HDInsight/clusterPools/clusters/runjob/action", + "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", + "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -10471,7 +10476,7 @@ "notDataActions": [] } ], - "roleName": "HDInsight on AKS Cluster Pool Admin", + "roleName": "HDInsight on AKS Cluster Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10479,32 +10484,27 @@ "assignableScopes": [ "/" ], - "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", + "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/clusters/delete", - "Microsoft.HDInsight/clusterPools/clusters/resize/action", - "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", - "Microsoft.HDInsight/clusterPools/clusters/jobs/read", - "Microsoft.HDInsight/clusterPools/clusters/runjob/action", - "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", - "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", - "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", - "Microsoft.HDInsight/clusterPools/clusters/rollback/action", - "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", - "Microsoft.HDInsight/clusterPools/clusters/libraries/read", - "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", + "Microsoft.HDInsight/clusterPools/delete", + "Microsoft.HDInsight/clusterPools/read", + "Microsoft.HDInsight/clusterPools/write", + "Microsoft.HDInsight/clusterpools/availableupgrades/read", + "Microsoft.HDInsight/clusterpools/upgrade/action", + "Microsoft.HDInsight/clusterPools/upgradehistories/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -10526,7 +10526,7 @@ "notDataActions": [] } ], - "roleName": "HDInsight on AKS Cluster Admin", + "roleName": "HDInsight on AKS Cluster Pool Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10708,6 +10708,40 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.", + "permissions": [ + { + "actions": [ + "Microsoft.Compute/virtualMachines/start/action", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/instanceView/read", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.AzureStackHCI/virtualMachineInstances/read", + "Microsoft.AzureStackHCI/virtualMachineInstances/start/action", + "Microsoft.AzureStackHCI/operations/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Desktop Virtualization Power On Contributor", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -10846,24 +10880,13 @@ "assignableScopes": [ "/" ], - "description": "Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.", + "description": "Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.", "permissions": [ { "actions": [ - "Microsoft.Compute/virtualMachines/start/action", - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Compute/virtualMachines/instanceView/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.AzureStackHCI/virtualMachineInstances/read", - "Microsoft.AzureStackHCI/virtualMachineInstances/start/action", - "Microsoft.AzureStackHCI/operations/read" + "Microsoft.Authorization/roleAssignments/read", + "Microsoft.Authorization/roleAssignments/delete", + "Microsoft.Management/getEntities/action" ], "condition": null, "conditionVersion": null, @@ -10872,7 +10895,7 @@ "notDataActions": [] } ], - "roleName": "Desktop Virtualization Power On Contributor", + "roleName": "Access Review Operator Service Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -10900,29 +10923,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.", - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/roleAssignments/read", - "Microsoft.Authorization/roleAssignments/delete", - "Microsoft.Management/getEntities/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Access Review Operator Service Role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -10998,7 +10998,7 @@ "assignableScopes": [ "/" ], - "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.", + "description": "Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.", "permissions": [ { "actions": [ @@ -11013,38 +11013,65 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/*", - "Microsoft.ContainerService/fleets/apps/deployments/*", - "Microsoft.ContainerService/fleets/apps/statefulsets/*", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", - "Microsoft.ContainerService/fleets/batch/cronjobs/*", - "Microsoft.ContainerService/fleets/batch/jobs/*", - "Microsoft.ContainerService/fleets/configmaps/*", - "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/apps/daemonsets/read", + "Microsoft.ContainerService/fleets/apps/deployments/read", + "Microsoft.ContainerService/fleets/apps/statefulsets/read", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", + "Microsoft.ContainerService/fleets/batch/cronjobs/read", + "Microsoft.ContainerService/fleets/batch/jobs/read", + "Microsoft.ContainerService/fleets/configmaps/read", + "Microsoft.ContainerService/fleets/endpoints/read", "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/*", - "Microsoft.ContainerService/fleets/extensions/deployments/*", - "Microsoft.ContainerService/fleets/extensions/ingresses/*", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "Microsoft.ContainerService/fleets/extensions/deployments/read", + "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "Microsoft.ContainerService/fleets/limitranges/read", "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", + "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "Microsoft.ContainerService/fleets/replicationcontrollers/read", "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/secrets/*", - "Microsoft.ContainerService/fleets/serviceaccounts/*", - "Microsoft.ContainerService/fleets/services/*" + "Microsoft.ContainerService/fleets/serviceaccounts/read", + "Microsoft.ContainerService/fleets/services/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Kubernetes Fleet Manager RBAC Writer", + "roleName": "Azure Kubernetes Fleet Manager RBAC Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/*" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11109,29 +11136,7 @@ "assignableScopes": [ "/" ], - "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", - "permissions": [ - { - "actions": [ - "Microsoft.ContainerService/fleets/*", - "Microsoft.Resources/deployments/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Kubernetes Fleet Manager Contributor Role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, - { - "assignableScopes": [ - "/" - ], - "description": "Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.", + "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.  Applying this role at cluster scope will give access across all namespaces.", "permissions": [ { "actions": [ @@ -11146,37 +11151,38 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/read", - "Microsoft.ContainerService/fleets/apps/deployments/read", - "Microsoft.ContainerService/fleets/apps/statefulsets/read", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", - "Microsoft.ContainerService/fleets/batch/cronjobs/read", - "Microsoft.ContainerService/fleets/batch/jobs/read", - "Microsoft.ContainerService/fleets/configmaps/read", - "Microsoft.ContainerService/fleets/endpoints/read", + "Microsoft.ContainerService/fleets/apps/daemonsets/*", + "Microsoft.ContainerService/fleets/apps/deployments/*", + "Microsoft.ContainerService/fleets/apps/statefulsets/*", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", + "Microsoft.ContainerService/fleets/batch/cronjobs/*", + "Microsoft.ContainerService/fleets/batch/jobs/*", + "Microsoft.ContainerService/fleets/configmaps/*", + "Microsoft.ContainerService/fleets/endpoints/*", "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/read", - "Microsoft.ContainerService/fleets/extensions/deployments/read", - "Microsoft.ContainerService/fleets/extensions/ingresses/read", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", + "Microsoft.ContainerService/fleets/extensions/daemonsets/*", + "Microsoft.ContainerService/fleets/extensions/deployments/*", + "Microsoft.ContainerService/fleets/extensions/ingresses/*", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", "Microsoft.ContainerService/fleets/limitranges/read", "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", - "Microsoft.ContainerService/fleets/replicationcontrollers/read", - "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/serviceaccounts/read", - "Microsoft.ContainerService/fleets/services/read" + "Microsoft.ContainerService/fleets/secrets/*", + "Microsoft.ContainerService/fleets/serviceaccounts/*", + "Microsoft.ContainerService/fleets/services/*" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Kubernetes Fleet Manager RBAC Reader", + "roleName": "Azure Kubernetes Fleet Manager RBAC Writer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11184,27 +11190,21 @@ "assignableScopes": [ "/" ], - "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", + "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" + "Microsoft.ContainerService/fleets/*", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/*" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", + "roleName": "Azure Kubernetes Fleet Manager Contributor Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11284,14 +11284,11 @@ "assignableScopes": [ "/" ], - "description": "Allows full access to Template Spec operations at the assigned scope.", + "description": "Allows read access to Template Specs at the assigned scope.", "permissions": [ { "actions": [ - "Microsoft.Resources/templateSpecs/*", - "Microsoft.Authorization/*/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Resources/templateSpecs/*/read" ], "condition": null, "conditionVersion": null, @@ -11300,7 +11297,7 @@ "notDataActions": [] } ], - "roleName": "Template Spec Contributor", + "roleName": "Template Spec Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11308,11 +11305,14 @@ "assignableScopes": [ "/" ], - "description": "Allows read access to Template Specs at the assigned scope.", + "description": "Allows full access to Template Spec operations at the assigned scope.", "permissions": [ { "actions": [ - "Microsoft.Resources/templateSpecs/*/read" + "Microsoft.Resources/templateSpecs/*", + "Microsoft.Authorization/*/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -11321,7 +11321,7 @@ "notDataActions": [] } ], - "roleName": "Template Spec Reader", + "roleName": "Template Spec Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11472,19 +11472,35 @@ "assignableScopes": [ "/" ], - "description": "Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.", + "description": "This role provides read access to all capabilities of Azure Center for SAP solutions.", "permissions": [ { "actions": [ - "Microsoft.Resources/subscriptions/resourceGroups/write", + "Microsoft.Advisor/configurations/read", + "Microsoft.Advisor/recommendations/read", + "Microsoft.Workloads/sapvirtualInstances/*/read", + "Microsoft.Workloads/Locations/*/read", + "Microsoft.Workloads/Operations/read", + "Microsoft.Workloads/Locations/OperationStatuses/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/read", + "Microsoft.Insights/metrics/read", + "Microsoft.Insights/metricDefinitions/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/*", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/ipconfigurations/read", + "Microsoft.Network/networkInterfaces/loadBalancers/read", + "Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read", "Microsoft.Network/loadBalancers/read", - "Microsoft.Network/loadBalancers/write", "Microsoft.Network/loadBalancers/backendAddressPools/read", - "Microsoft.Network/loadBalancers/backendAddressPools/write", "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", "Microsoft.Network/loadBalancers/loadBalancingRules/read", "Microsoft.Network/loadBalancers/inboundNatRules/read", @@ -11493,44 +11509,16 @@ "Microsoft.Network/loadBalancers/outboundRules/read", "Microsoft.Network/loadBalancers/virtualMachines/read", "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/write", - "Microsoft.Network/networkInterfaces/ipconfigurations/read", - "Microsoft.Network/networkInterfaces/loadBalancers/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", - "Microsoft.Network/virtualNetworks/virtualMachines/read", - "Microsoft.Network/networkInterfaces/ipconfigurations/join/action", "Microsoft.Network/privateEndpoints/read", - "Microsoft.Network/privateEndpoints/write", - "Microsoft.Network/networkInterfaces/join/action", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action", "Microsoft.Storage/storageAccounts/blobServices/read", "Microsoft.Storage/storageAccounts/blobServices/containers/read", "Microsoft.Storage/storageAccounts/fileServices/read", - "Microsoft.Storage/storageAccounts/fileServices/write", "Microsoft.Storage/storageAccounts/fileServices/shares/read", - "Microsoft.Storage/storageAccounts/fileServices/shares/write", "Microsoft.Compute/virtualMachines/read", - "Microsoft.Compute/virtualMachines/write", - "Microsoft.Compute/virtualMachines/instanceView/read", "Microsoft.Compute/availabilitySets/read", - "Microsoft.Compute/availabilitySets/write", - "Microsoft.Compute/skus/read", - "Microsoft.Compute/sshPublicKeys/read", "Microsoft.Compute/virtualMachines/extensions/read", - "Microsoft.Compute/virtualMachines/extensions/write", - "Microsoft.Compute/virtualMachines/extensions/delete", - "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/write" + "Microsoft.Compute/disks/read" ], "condition": null, "conditionVersion": null, @@ -11539,7 +11527,7 @@ "notDataActions": [] } ], - "roleName": "Azure Center for SAP solutions service role", + "roleName": "Azure Center for SAP solutions reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11547,35 +11535,19 @@ "assignableScopes": [ "/" ], - "description": "This role provides read access to all capabilities of Azure Center for SAP solutions.", + "description": "Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.", "permissions": [ { "actions": [ - "Microsoft.Advisor/configurations/read", - "Microsoft.Advisor/recommendations/read", - "Microsoft.Workloads/sapvirtualInstances/*/read", - "Microsoft.Workloads/Locations/*/read", - "Microsoft.Workloads/Operations/read", - "Microsoft.Workloads/Locations/OperationStatuses/read", + "Microsoft.Resources/subscriptions/resourceGroups/write", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Insights/alertRules/read", - "Microsoft.Insights/metrics/read", - "Microsoft.Insights/metricDefinitions/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Authorization/*/read", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/ipconfigurations/read", - "Microsoft.Network/networkInterfaces/loadBalancers/read", - "Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/*", "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", "Microsoft.Network/loadBalancers/backendAddressPools/read", + "Microsoft.Network/loadBalancers/backendAddressPools/write", "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", "Microsoft.Network/loadBalancers/loadBalancingRules/read", "Microsoft.Network/loadBalancers/inboundNatRules/read", @@ -11584,16 +11556,44 @@ "Microsoft.Network/loadBalancers/outboundRules/read", "Microsoft.Network/loadBalancers/virtualMachines/read", "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkInterfaces/ipconfigurations/read", + "Microsoft.Network/networkInterfaces/loadBalancers/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "Microsoft.Network/virtualNetworks/virtualMachines/read", + "Microsoft.Network/networkInterfaces/ipconfigurations/join/action", "Microsoft.Network/privateEndpoints/read", + "Microsoft.Network/privateEndpoints/write", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action", "Microsoft.Storage/storageAccounts/blobServices/read", "Microsoft.Storage/storageAccounts/blobServices/containers/read", "Microsoft.Storage/storageAccounts/fileServices/read", + "Microsoft.Storage/storageAccounts/fileServices/write", "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/write", "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Compute/virtualMachines/instanceView/read", "Microsoft.Compute/availabilitySets/read", + "Microsoft.Compute/availabilitySets/write", + "Microsoft.Compute/skus/read", + "Microsoft.Compute/sshPublicKeys/read", "Microsoft.Compute/virtualMachines/extensions/read", - "Microsoft.Compute/disks/read" + "Microsoft.Compute/virtualMachines/extensions/write", + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/write" ], "condition": null, "conditionVersion": null, @@ -11602,7 +11602,7 @@ "notDataActions": [] } ], - "roleName": "Azure Center for SAP solutions reader", + "roleName": "Azure Center for SAP solutions service role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11862,12 +11862,16 @@ "assignableScopes": [ "/" ], - "description": "List cluster monitoring user credential action.", + "description": "View all containerapp resources, but does not allow you to make any changes.", "permissions": [ { "actions": [ - "Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action", - "Microsoft.ContainerService/managedClusters/read" + "Microsoft.App/containerApps/*/read", + "Microsoft.App/containerApps/read", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -11876,7 +11880,7 @@ "notDataActions": [] } ], - "roleName": "Azure Kubernetes Service Cluster Monitoring User", + "roleName": "ContainerApp Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -11884,16 +11888,12 @@ "assignableScopes": [ "/" ], - "description": "View all containerapp resources, but does not allow you to make any changes.", + "description": "List cluster monitoring user credential action.", "permissions": [ { "actions": [ - "Microsoft.App/containerApps/*/read", - "Microsoft.App/containerApps/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action", + "Microsoft.ContainerService/managedClusters/read" ], "condition": null, "conditionVersion": null, @@ -11902,7 +11902,7 @@ "notDataActions": [] } ], - "roleName": "ContainerApp Reader", + "roleName": "Azure Kubernetes Service Cluster Monitoring User", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12220,37 +12220,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Provide access to CWUM Solution by Bayer Ag Powered Services", - "permissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.AgFoodPlatform/farmBeats/parties/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", - "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*", - "Microsoft.AgFoodPlatform/farmBeats/scenes/*", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*" - ], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Bayer Ag Powered Services CWUM Solution", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -12297,6 +12266,37 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Provide access to CWUM Solution by Bayer Ag Powered Services", + "permissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.AgFoodPlatform/farmBeats/parties/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", + "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*", + "Microsoft.AgFoodPlatform/farmBeats/scenes/*", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*" + ], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Bayer Ag Powered Services CWUM Solution", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -12326,12 +12326,14 @@ "assignableScopes": [ "/" ], - "description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.", + "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", "permissions": [ { "actions": [ "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "Microsoft.Cdn/profiles/secrets/read", + "Microsoft.Cdn/profiles/secrets/write", + "Microsoft.Cdn/profiles/secrets/delete", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -12341,7 +12343,7 @@ "notDataActions": [] } ], - "roleName": "Azure Front Door Secret Reader", + "roleName": "Azure Front Door Secret Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12349,14 +12351,35 @@ "assignableScopes": [ "/" ], - "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", + "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", + "permissions": [ + { + "actions": [ + "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.Resources/subscriptions/resourceGroups/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Front Door Domain Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.", "permissions": [ { "actions": [ "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "Microsoft.Cdn/profiles/secrets/read", - "Microsoft.Cdn/profiles/secrets/write", - "Microsoft.Cdn/profiles/secrets/delete", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -12366,7 +12389,7 @@ "notDataActions": [] } ], - "roleName": "Azure Front Door Secret Contributor", + "roleName": "Azure Front Door Secret Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12374,12 +12397,15 @@ "assignableScopes": [ "/" ], - "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", + "description": "Grants full access to manage backup and export resources", "permissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", - "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", + "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", + "Microsoft.DBforMySQL/locations/operationResults/read", + "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", + "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -12389,7 +12415,55 @@ "notDataActions": [] } ], - "roleName": "Azure Front Door Domain Reader", + "roleName": "MySQL Backup And Export Operator", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Allows user to create, modify, describe, or delete NGFirewalls.", + "permissions": [ + { + "actions": [ + "PaloAltoNetworks.Cloudngfw/firewalls/*", + "PaloAltoNetworks.Cloudngfw/localRulestacks/read", + "PaloAltoNetworks.Cloudngfw/globalRulestacks/read", + "PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read", + "Microsoft.OperationalInsights/workspaces/write", + "Microsoft.OperationalInsights/workspaces/sharedKeys/read", + "Microsoft.OperationalInsights/workspaces/read", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Insights/metrics/read", + "Microsoft.Insights/metricDefinitions/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Support/*", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/networkVirtualAppliances/read", + "Microsoft.Network/networkVirtualAppliances/write", + "Microsoft.Network/networkVirtualAppliances/delete", + "Microsoft.Network/virtualHubs/read", + "Microsoft.Network/virtualWans/read", + "Microsoft.Network/virtualWans/virtualHubs/read", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/join/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "LocalNGFirewallAdministrator role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12509,80 +12583,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Grants full access to manage backup and export resources", - "permissions": [ - { - "actions": [ - "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", - "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", - "Microsoft.DBforMySQL/locations/operationResults/read", - "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "MySQL Backup And Export Operator", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, - { - "assignableScopes": [ - "/" - ], - "description": "Allows user to create, modify, describe, or delete NGFirewalls.", - "permissions": [ - { - "actions": [ - "PaloAltoNetworks.Cloudngfw/firewalls/*", - "PaloAltoNetworks.Cloudngfw/localRulestacks/read", - "PaloAltoNetworks.Cloudngfw/globalRulestacks/read", - "PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read", - "Microsoft.OperationalInsights/workspaces/write", - "Microsoft.OperationalInsights/workspaces/sharedKeys/read", - "Microsoft.OperationalInsights/workspaces/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Insights/metrics/read", - "Microsoft.Insights/metricDefinitions/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Support/*", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/publicIPAddresses/write", - "Microsoft.Network/publicIPAddresses/read", - "Microsoft.Network/publicIPAddresses/join/action", - "Microsoft.Network/networkVirtualAppliances/read", - "Microsoft.Network/networkVirtualAppliances/write", - "Microsoft.Network/networkVirtualAppliances/delete", - "Microsoft.Network/virtualHubs/read", - "Microsoft.Network/virtualWans/read", - "Microsoft.Network/virtualWans/virtualHubs/read", - "Microsoft.Network/networkSecurityGroups/read", - "Microsoft.Network/networkSecurityGroups/join/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "LocalNGFirewallAdministrator role", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -12658,20 +12658,11 @@ "assignableScopes": [ "/" ], - "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", + "description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.", "permissions": [ { "actions": [ - "Microsoft.ApiManagement/service/users/read", - "Microsoft.ApiManagement/service/tags/read", - "Microsoft.ApiManagement/service/tags/apiLinks/*", - "Microsoft.ApiManagement/service/tags/operationLinks/*", - "Microsoft.ApiManagement/service/tags/productLinks/*", - "Microsoft.ApiManagement/service/products/read", - "Microsoft.ApiManagement/service/products/apiLinks/*", - "Microsoft.ApiManagement/service/groups/read", - "Microsoft.ApiManagement/service/groups/users/*", - "Microsoft.ApiManagement/service/read", + "Microsoft.ApiManagement/service/workspaces/*/read", "Microsoft.Authorization/*/read" ], "condition": null, @@ -12681,7 +12672,7 @@ "notDataActions": [] } ], - "roleName": "API Management Service Workspace API Product Manager", + "roleName": "API Management Workspace Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12689,23 +12680,16 @@ "assignableScopes": [ "/" ], - "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", + "description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.", "permissions": [ { "actions": [ "Microsoft.ApiManagement/service/workspaces/*/read", - "Microsoft.ApiManagement/service/workspaces/apis/*", - "Microsoft.ApiManagement/service/workspaces/apiVersionSets/*", - "Microsoft.ApiManagement/service/workspaces/policies/*", - "Microsoft.ApiManagement/service/workspaces/schemas/*", "Microsoft.ApiManagement/service/workspaces/products/*", - "Microsoft.ApiManagement/service/workspaces/policyFragments/*", - "Microsoft.ApiManagement/service/workspaces/namedValues/*", + "Microsoft.ApiManagement/service/workspaces/subscriptions/*", + "Microsoft.ApiManagement/service/workspaces/groups/*", "Microsoft.ApiManagement/service/workspaces/tags/*", - "Microsoft.ApiManagement/service/workspaces/backends/*", - "Microsoft.ApiManagement/service/workspaces/certificates/*", - "Microsoft.ApiManagement/service/workspaces/diagnostics/*", - "Microsoft.ApiManagement/service/workspaces/loggers/*", + "Microsoft.ApiManagement/service/workspaces/notifications/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -12715,7 +12699,7 @@ "notDataActions": [] } ], - "roleName": "API Management Workspace API Developer", + "roleName": "API Management Workspace API Product Manager", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12723,11 +12707,23 @@ "assignableScopes": [ "/" ], - "description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.", + "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", "permissions": [ { "actions": [ "Microsoft.ApiManagement/service/workspaces/*/read", + "Microsoft.ApiManagement/service/workspaces/apis/*", + "Microsoft.ApiManagement/service/workspaces/apiVersionSets/*", + "Microsoft.ApiManagement/service/workspaces/policies/*", + "Microsoft.ApiManagement/service/workspaces/schemas/*", + "Microsoft.ApiManagement/service/workspaces/products/*", + "Microsoft.ApiManagement/service/workspaces/policyFragments/*", + "Microsoft.ApiManagement/service/workspaces/namedValues/*", + "Microsoft.ApiManagement/service/workspaces/tags/*", + "Microsoft.ApiManagement/service/workspaces/backends/*", + "Microsoft.ApiManagement/service/workspaces/certificates/*", + "Microsoft.ApiManagement/service/workspaces/diagnostics/*", + "Microsoft.ApiManagement/service/workspaces/loggers/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -12737,7 +12733,7 @@ "notDataActions": [] } ], - "roleName": "API Management Workspace Reader", + "roleName": "API Management Workspace API Developer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12745,16 +12741,20 @@ "assignableScopes": [ "/" ], - "description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.", + "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", "permissions": [ { "actions": [ - "Microsoft.ApiManagement/service/workspaces/*/read", - "Microsoft.ApiManagement/service/workspaces/products/*", - "Microsoft.ApiManagement/service/workspaces/subscriptions/*", - "Microsoft.ApiManagement/service/workspaces/groups/*", - "Microsoft.ApiManagement/service/workspaces/tags/*", - "Microsoft.ApiManagement/service/workspaces/notifications/*", + "Microsoft.ApiManagement/service/users/read", + "Microsoft.ApiManagement/service/tags/read", + "Microsoft.ApiManagement/service/tags/apiLinks/*", + "Microsoft.ApiManagement/service/tags/operationLinks/*", + "Microsoft.ApiManagement/service/tags/productLinks/*", + "Microsoft.ApiManagement/service/products/read", + "Microsoft.ApiManagement/service/products/apiLinks/*", + "Microsoft.ApiManagement/service/groups/read", + "Microsoft.ApiManagement/service/groups/users/*", + "Microsoft.ApiManagement/service/read", "Microsoft.Authorization/*/read" ], "condition": null, @@ -12764,7 +12764,7 @@ "notDataActions": [] } ], - "roleName": "API Management Workspace API Product Manager", + "roleName": "API Management Service Workspace API Product Manager", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -12890,29 +12890,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.", - "permissions": [ - { - "actions": [ - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Authorization/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Windows365SubscriptionReader", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -12952,11 +12929,13 @@ "assignableScopes": [ "/" ], - "description": "Read, download the reports objects and related other resource objects.", + "description": "Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.", "permissions": [ { "actions": [ - "*/read" + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Authorization/*/read" ], "condition": null, "conditionVersion": null, @@ -12965,7 +12944,7 @@ "notDataActions": [] } ], - "roleName": "App Compliance Automation Reader", + "roleName": "Windows365SubscriptionReader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13017,6 +12996,27 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Read, download the reports objects and related other resource objects.", + "permissions": [ + { + "actions": [ + "*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "App Compliance Automation Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -13134,28 +13134,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Can list workspace connection secrets", - "permissions": [ - { - "actions": [ - "Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action", - "Microsoft.MachineLearningServices/workspaces/metadata/secrets/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Machine Learning Workspace Connection Secrets Reader", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -13196,6 +13174,28 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Can list workspace connection secrets", + "permissions": [ + { + "actions": [ + "Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action", + "Microsoft.MachineLearningServices/workspaces/metadata/secrets/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Machine Learning Workspace Connection Secrets Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -13207,14 +13207,14 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/*", - "Microsoft.CognitiveSearch/indexes/documents/*" + "Microsoft.CognitiveSearch/indexes/schema/read", + "Microsoft.CognitiveSearch/indexes/documents/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Cognitive Search Serverless Data Contributor (Deprecated)", + "roleName": "Cognitive Search Serverless Data Reader (Deprecated)", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13229,14 +13229,14 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/read", - "Microsoft.CognitiveSearch/indexes/documents/read" + "Microsoft.CognitiveSearch/indexes/schema/*", + "Microsoft.CognitiveSearch/indexes/documents/*" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Cognitive Search Serverless Data Reader (Deprecated)", + "roleName": "Cognitive Search Serverless Data Contributor (Deprecated)", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13532,6 +13532,33 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.", + "permissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Support/*", + "Microsoft.Web/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Logic Apps Standard Reader (Preview)", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -13649,33 +13676,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.", - "permissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Support/*", - "Microsoft.Web/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Logic Apps Standard Reader (Preview)", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -13752,22 +13752,24 @@ "assignableScopes": [ "/" ], - "description": "Allows for Importing Elastic San Volume", + "description": "Allows for creating and exporting Snapshot of Elastic San Volume", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ElasticSan/elasticSans/volumeGroups/*/read", - "Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write", + "Microsoft.ElasticSan/elasticSans/*/read", + "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write", + "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete", + "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action", "Microsoft.ElasticSan/locations/*", "Microsoft.Compute/locations/*", "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/beginGetAccess/action", - "Microsoft.Compute/disks/endGetAccess/action", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/disks/delete", "Microsoft.Compute/snapshots/read", - "Microsoft.Compute/snapshots/beginGetAccess/action", - "Microsoft.Compute/snapshots/endGetAccess/action" + "Microsoft.Compute/snapshots/write", + "Microsoft.Compute/snapshots/delete" ], "condition": null, "conditionVersion": null, @@ -13776,7 +13778,7 @@ "notDataActions": [] } ], - "roleName": "Elastic SAN Volume Importer", + "roleName": "Elastic SAN Snapshot Exporter", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13784,24 +13786,22 @@ "assignableScopes": [ "/" ], - "description": "Allows for creating and exporting Snapshot of Elastic San Volume", + "description": "Allows for Importing Elastic San Volume", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ElasticSan/elasticSans/*/read", - "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write", - "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete", - "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action", + "Microsoft.ElasticSan/elasticSans/volumeGroups/*/read", + "Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write", "Microsoft.ElasticSan/locations/*", "Microsoft.Compute/locations/*", "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/write", - "Microsoft.Compute/disks/delete", + "Microsoft.Compute/disks/beginGetAccess/action", + "Microsoft.Compute/disks/endGetAccess/action", "Microsoft.Compute/snapshots/read", - "Microsoft.Compute/snapshots/write", - "Microsoft.Compute/snapshots/delete" + "Microsoft.Compute/snapshots/beginGetAccess/action", + "Microsoft.Compute/snapshots/endGetAccess/action" ], "condition": null, "conditionVersion": null, @@ -13810,7 +13810,7 @@ "notDataActions": [] } ], - "roleName": "Elastic SAN Snapshot Exporter", + "roleName": "Elastic SAN Volume Importer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13952,20 +13952,22 @@ "assignableScopes": [ "/" ], - "description": "Execute requests against DeID realtime endpoint. This role is in preview and subject to change.", + "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Realtime/action" + "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", + "Microsoft.HealthDataAIServices/DeidServices/Batch/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "DeID Realtime Data User", + "roleName": "DeID Batch Data Owner", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -13997,22 +13999,20 @@ "assignableScopes": [ "/" ], - "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", + "description": "Execute requests against DeID realtime endpoint. This role is in preview and subject to change.", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", - "Microsoft.HealthDataAIServices/DeidServices/Batch/read" + "Microsoft.HealthDataAIServices/DeidServices/Realtime/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "DeID Batch Data Owner", + "roleName": "DeID Realtime Data User", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14188,107 +14188,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Grants permissions to view VMs", - "permissions": [ - { - "actions": [ - "Microsoft.AzureStackHCI/VirtualMachines/Read", - "Microsoft.AzureStackHCI/virtualMachineInstances/Read", - "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", - "Microsoft.AzureStackHCI/VirtualNetworks/Read", - "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "Microsoft.AzureStackHCI/NetworkInterfaces/Read", - "Microsoft.AzureStackHCI/VirtualHardDisks/Read", - "Microsoft.AzureStackHCI/StorageContainers/Read", - "Microsoft.AzureStackHCI/GalleryImages/Read", - "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", - "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", - "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", - "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", - "Microsoft.HybridCompute/privateLinkScopes/read", - "Microsoft.Insights/AlertRules/Write", - "Microsoft.Insights/AlertRules/Delete", - "Microsoft.Insights/AlertRules/Read", - "Microsoft.Insights/AlertRules/Activated/Action", - "Microsoft.Insights/AlertRules/Resolved/Action", - "Microsoft.Insights/AlertRules/Throttled/Action", - "Microsoft.Insights/AlertRules/Incidents/Read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/exportTemplate/action", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/operationstatuses/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/operationresults/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Azure Stack HCI VM Reader", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, - { - "assignableScopes": [ - "/" - ], - "description": "Can perform all actions within an Azure AI resource besides managing the resource itself.", - "permissions": [ - { - "actions": [ - "Microsoft.MachineLearningServices/workspaces/*/read", - "Microsoft.MachineLearningServices/workspaces/*/action", - "Microsoft.MachineLearningServices/workspaces/*/delete", - "Microsoft.MachineLearningServices/workspaces/*/write", - "Microsoft.MachineLearningServices/locations/*/read", - "Microsoft.Authorization/*/read", - "Microsoft.Resources/deployments/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.CognitiveServices/accounts/OpenAI/*", - "Microsoft.CognitiveServices/accounts/SpeechServices/*", - "Microsoft.CognitiveServices/accounts/ContentSafety/*" - ], - "notActions": [ - "Microsoft.MachineLearningServices/workspaces/delete", - "Microsoft.MachineLearningServices/workspaces/write", - "Microsoft.MachineLearningServices/workspaces/listKeys/action", - "Microsoft.MachineLearningServices/workspaces/hubs/write", - "Microsoft.MachineLearningServices/workspaces/hubs/delete", - "Microsoft.MachineLearningServices/workspaces/featurestores/write", - "Microsoft.MachineLearningServices/workspaces/featurestores/delete" - ], - "notDataActions": [] - } - ], - "roleName": "Azure AI Developer", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -14375,12 +14274,113 @@ ], "condition": null, "conditionVersion": null, - "dataActions": [], - "notActions": [], + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Stack HCI VM Contributor", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Grants permissions to view VMs", + "permissions": [ + { + "actions": [ + "Microsoft.AzureStackHCI/VirtualMachines/Read", + "Microsoft.AzureStackHCI/virtualMachineInstances/Read", + "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", + "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "Microsoft.AzureStackHCI/LogicalNetworks/Read", + "Microsoft.AzureStackHCI/NetworkInterfaces/Read", + "Microsoft.AzureStackHCI/VirtualHardDisks/Read", + "Microsoft.AzureStackHCI/StorageContainers/Read", + "Microsoft.AzureStackHCI/GalleryImages/Read", + "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", + "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", + "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/privateLinkScopes/networkSecurityPerimeterConfigurations/read", + "Microsoft.HybridCompute/privateLinkScopes/privateEndpointConnections/read", + "Microsoft.HybridCompute/privateLinkScopes/read", + "Microsoft.Insights/AlertRules/Write", + "Microsoft.Insights/AlertRules/Delete", + "Microsoft.Insights/AlertRules/Read", + "Microsoft.Insights/AlertRules/Activated/Action", + "Microsoft.Insights/AlertRules/Resolved/Action", + "Microsoft.Insights/AlertRules/Throttled/Action", + "Microsoft.Insights/AlertRules/Incidents/Read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/exportTemplate/action", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/operationstatuses/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/subscriptions/operationresults/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Azure Stack HCI VM Reader", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, + { + "assignableScopes": [ + "/" + ], + "description": "Can perform all actions within an Azure AI resource besides managing the resource itself.", + "permissions": [ + { + "actions": [ + "Microsoft.MachineLearningServices/workspaces/*/read", + "Microsoft.MachineLearningServices/workspaces/*/action", + "Microsoft.MachineLearningServices/workspaces/*/delete", + "Microsoft.MachineLearningServices/workspaces/*/write", + "Microsoft.MachineLearningServices/locations/*/read", + "Microsoft.Authorization/*/read", + "Microsoft.Resources/deployments/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.CognitiveServices/accounts/OpenAI/*", + "Microsoft.CognitiveServices/accounts/SpeechServices/*", + "Microsoft.CognitiveServices/accounts/ContentSafety/*" + ], + "notActions": [ + "Microsoft.MachineLearningServices/workspaces/delete", + "Microsoft.MachineLearningServices/workspaces/write", + "Microsoft.MachineLearningServices/workspaces/listKeys/action", + "Microsoft.MachineLearningServices/workspaces/hubs/write", + "Microsoft.MachineLearningServices/workspaces/hubs/delete", + "Microsoft.MachineLearningServices/workspaces/featurestores/write", + "Microsoft.MachineLearningServices/workspaces/featurestores/delete" + ], "notDataActions": [] } ], - "roleName": "Azure Stack HCI VM Contributor", + "roleName": "Azure AI Developer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14419,7 +14419,7 @@ "assignableScopes": [ "/" ], - "description": "Allows receive access to event grid events.", + "description": "Allows send and receive access to event grid events.", "permissions": [ { "actions": [ @@ -14429,18 +14429,22 @@ "Microsoft.EventGrid/locations/eventSubscriptions/read", "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.EventGrid/topics/read", + "Microsoft.EventGrid/domains/read", + "Microsoft.EventGrid/partnerNamespaces/read", "Microsoft.EventGrid/namespaces/read" ], "condition": null, "conditionVersion": null, "dataActions": [ + "Microsoft.EventGrid/events/send/action", "Microsoft.EventGrid/events/receive/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "EventGrid Data Receiver", + "roleName": "EventGrid Data Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14448,7 +14452,7 @@ "assignableScopes": [ "/" ], - "description": "Allows send and receive access to event grid events.", + "description": "Allows receive access to event grid events.", "permissions": [ { "actions": [ @@ -14458,22 +14462,18 @@ "Microsoft.EventGrid/locations/eventSubscriptions/read", "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.EventGrid/topics/read", - "Microsoft.EventGrid/domains/read", - "Microsoft.EventGrid/partnerNamespaces/read", "Microsoft.EventGrid/namespaces/read" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.EventGrid/events/send/action", "Microsoft.EventGrid/events/receive/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "EventGrid Data Contributor", + "roleName": "EventGrid Data Receiver", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14481,19 +14481,13 @@ "assignableScopes": [ "/" ], - "description": "View reviews for a workload and triage recommendations linked to them.", + "description": "Can perform all actions required to create a resource deployment within a resource group.", "permissions": [ { "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read", - "Microsoft.Advisor/triageRecommendations/approve/action", - "Microsoft.Advisor/triageRecommendations/reject/action", - "Microsoft.Advisor/triageRecommendations/reset/action", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Insights/AutoscaleSettings/write" ], "condition": null, "conditionVersion": null, @@ -14502,7 +14496,7 @@ "notDataActions": [] } ], - "roleName": "Advisor Reviews Contributor", + "roleName": "Azure AI Inference Deployment Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14510,12 +14504,11 @@ "assignableScopes": [ "/" ], - "description": "View reviews for a workload and recommendations linked to them.", + "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", "permissions": [ { "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read" + "Microsoft.Authorization/*/read" ], "condition": null, "conditionVersion": null, @@ -14524,7 +14517,7 @@ "notDataActions": [] } ], - "roleName": "Advisor Reviews Reader", + "roleName": "Connected Cluster Managed Identity CheckAccess Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14532,13 +14525,12 @@ "assignableScopes": [ "/" ], - "description": "Can perform all actions required to create a resource deployment within a resource group.", + "description": "View reviews for a workload and recommendations linked to them.", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Insights/AutoscaleSettings/write" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read" ], "condition": null, "conditionVersion": null, @@ -14547,7 +14539,7 @@ "notDataActions": [] } ], - "roleName": "Azure AI Inference Deployment Operator", + "roleName": "Advisor Reviews Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14555,11 +14547,19 @@ "assignableScopes": [ "/" ], - "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", + "description": "View reviews for a workload and triage recommendations linked to them.", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read", + "Microsoft.Advisor/triageRecommendations/approve/action", + "Microsoft.Advisor/triageRecommendations/reject/action", + "Microsoft.Advisor/triageRecommendations/reset/action", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -14568,7 +14568,7 @@ "notDataActions": [] } ], - "roleName": "Connected Cluster Managed Identity CheckAccess Reader", + "roleName": "Advisor Reviews Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14720,12 +14720,12 @@ "assignableScopes": [ "/" ], - "description": "List cluster user credential action.", + "description": "List cluster admin credential action.", "permissions": [ { "actions": [ "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", + "Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action", "Microsoft.Kubernetes/connectedClusters/Read" ], "condition": null, @@ -14735,7 +14735,7 @@ "notDataActions": [] } ], - "roleName": "Azure Kubernetes Service Hybrid Cluster User Role", + "roleName": "Azure Kubernetes Service Hybrid Cluster Admin Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14743,12 +14743,12 @@ "assignableScopes": [ "/" ], - "description": "List cluster admin credential action.", + "description": "List cluster user credential action.", "permissions": [ { "actions": [ "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action", + "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", "Microsoft.Kubernetes/connectedClusters/Read" ], "condition": null, @@ -14758,7 +14758,7 @@ "notDataActions": [] } ], - "roleName": "Azure Kubernetes Service Hybrid Cluster Admin Role", + "roleName": "Azure Kubernetes Service Hybrid Cluster User Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14865,30 +14865,22 @@ "assignableScopes": [ "/" ], - "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", "permissions": [ { "actions": [ - "Microsoft.Mission/register/action", - "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", - "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", - "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/internalConnections/write", + "Microsoft.Mission/externalConnections/read", "Microsoft.Mission/virtualEnclaves/read", - "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", - "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", - "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -14899,9 +14891,7 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", - "Microsoft.Mission/enclaveConnections/write", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write" + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read" ], "condition": null, "conditionVersion": null, @@ -14910,7 +14900,7 @@ "notDataActions": [] } ], - "roleName": "Enclave Contributor Role", + "roleName": "Community Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14918,22 +14908,30 @@ "assignableScopes": [ "/" ], - "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", "permissions": [ { "actions": [ + "Microsoft.Mission/register/action", + "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", + "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", + "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/externalConnections/read", + "Microsoft.Mission/internalConnections/write", "Microsoft.Mission/virtualEnclaves/read", + "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", + "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", + "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -14944,7 +14942,9 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read" + "Microsoft.Mission/enclaveConnections/write", + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write" ], "condition": null, "conditionVersion": null, @@ -14953,7 +14953,7 @@ "notDataActions": [] } ], - "roleName": "Community Reader Role", + "roleName": "Enclave Contributor Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14961,21 +14961,22 @@ "assignableScopes": [ "/" ], - "description": "Allows management of Encryption Scopes on a Storage Account", + "description": "(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.", "permissions": [ { "actions": [ - "Microsoft.Storage/storageAccounts/encryptionScopes/read", - "Microsoft.Storage/storageAccounts/encryptionScopes/write" + "Microsoft.KeyVault/vaults/read" ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.KeyVault/vaults/secrets/setSecret/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Storage Account Encryption Scope Contributor Role", + "roleName": "Operator Nexus Key Vault Writer Service Role (Preview)", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -14983,22 +14984,21 @@ "assignableScopes": [ "/" ], - "description": "(Preview) Provides Azure Operator Nexus services the ability to write to a Key Vault. This role is in preview and subject to change.", + "description": "Allows management of Encryption Scopes on a Storage Account", "permissions": [ { "actions": [ - "Microsoft.KeyVault/vaults/read" + "Microsoft.Storage/storageAccounts/encryptionScopes/read", + "Microsoft.Storage/storageAccounts/encryptionScopes/write" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.KeyVault/vaults/secrets/setSecret/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Operator Nexus Key Vault Writer Service Role (Preview)", + "roleName": "Storage Account Encryption Scope Contributor Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15103,20 +15103,23 @@ "assignableScopes": [ "/" ], - "description": "Read real-time logs for all managed components in Azure Spring Apps", + "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", "permissions": [ { - "actions": [], + "actions": [ + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/gateways/read" + ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/managedComponents/logstream/action" + "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Managed Components Log Reader Role", + "roleName": "Azure Spring Apps Spring Cloud Gateway Log Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15124,23 +15127,20 @@ "assignableScopes": [ "/" ], - "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", + "description": "Read real-time logs for all managed components in Azure Spring Apps", "permissions": [ { - "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/configurationServices/read" - ], + "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" + "Microsoft.AppPlatform/Spring/managedComponents/logstream/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Application Configuration Service Log Reader Role", + "roleName": "Azure Spring Apps Managed Components Log Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15148,23 +15148,23 @@ "assignableScopes": [ "/" ], - "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", + "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", "permissions": [ { "actions": [ "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/gateways/read" + "Microsoft.AppPlatform/Spring/configurationServices/read" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action" + "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Spring Cloud Gateway Log Reader Role", + "roleName": "Azure Spring Apps Application Configuration Service Log Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15276,23 +15276,24 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", + "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use various storage backends.", "permissions": [ { "actions": [ + "Microsoft.Compute/virtualMachines/write", "Microsoft.Compute/virtualMachines/read", - "Microsoft.Network/loadBalancers/read", - "Microsoft.Network/loadBalancers/write", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkSecurityGroups/read", - "Microsoft.Network/networkSecurityGroups/write", - "Microsoft.Network/publicIPAddresses/join/action", - "Microsoft.Network/publicIPAddresses/read", - "Microsoft.Network/publicIPAddresses/write", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Network/networkInterfaces/write" + "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write", + "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read", + "Microsoft.Compute/virtualMachineScaleSets/read", + "Microsoft.Compute/snapshots/write", + "Microsoft.Compute/snapshots/read", + "Microsoft.Compute/snapshots/delete", + "Microsoft.Compute/locations/operations/read", + "Microsoft.Compute/locations/DiskOperations/read", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/delete", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -15301,7 +15302,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Cloud Controller Manager Role", + "roleName": "Azure Red Hat OpenShift Storage Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15309,24 +15310,17 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use various storage backends.", + "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", "permissions": [ { "actions": [ - "Microsoft.Compute/virtualMachines/write", - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/write", - "Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read", - "Microsoft.Compute/virtualMachineScaleSets/read", - "Microsoft.Compute/snapshots/write", - "Microsoft.Compute/snapshots/read", - "Microsoft.Compute/snapshots/delete", - "Microsoft.Compute/locations/operations/read", - "Microsoft.Compute/locations/DiskOperations/read", - "Microsoft.Compute/disks/write", - "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/delete", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/natGateways/join/action", + "Microsoft.Network/routeTables/join/action", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/read" ], "condition": null, "conditionVersion": null, @@ -15335,7 +15329,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Storage Operator Role", + "roleName": "Azure Red Hat OpenShift Service Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15343,16 +15337,21 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions to install and upgrade the networking components on an OpenShift cluster.", + "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use Azure Files.", "permissions": [ { "actions": [ - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/write", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Compute/virtualMachines/read" + "Microsoft.Storage/storageAccounts/delete", + "Microsoft.Storage/storageAccounts/fileServices/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/delete", + "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/write", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write" ], "condition": null, "conditionVersion": null, @@ -15361,7 +15360,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Network Operator Role", + "roleName": "Azure Red Hat OpenShift Azure Files Storage Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15404,21 +15403,16 @@ "assignableScopes": [ "/" ], - "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use Azure Files.", + "description": "Enables permissions to install and upgrade the networking components on an OpenShift cluster.", "permissions": [ { "actions": [ - "Microsoft.Storage/storageAccounts/delete", - "Microsoft.Storage/storageAccounts/fileServices/read", - "Microsoft.Storage/storageAccounts/fileServices/shares/delete", - "Microsoft.Storage/storageAccounts/fileServices/shares/read", - "Microsoft.Storage/storageAccounts/fileServices/shares/write", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Network/networkSecurityGroups/join/action", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write" + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Compute/virtualMachines/read" ], "condition": null, "conditionVersion": null, @@ -15427,7 +15421,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Azure Files Storage Operator Role", + "roleName": "Azure Red Hat OpenShift Network Operator Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15435,17 +15429,23 @@ "assignableScopes": [ "/" ], - "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", + "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", "permissions": [ { "actions": [ + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/write", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", - "Microsoft.Network/natGateways/join/action", - "Microsoft.Network/routeTables/join/action", - "Microsoft.Network/networkSecurityGroups/join/action", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/read" + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/networkInterfaces/write" ], "condition": null, "conditionVersion": null, @@ -15454,7 +15454,7 @@ "notDataActions": [] } ], - "roleName": "Azure Red Hat OpenShift Service Operator Role", + "roleName": "Azure Red Hat OpenShift Cloud Controller Manager Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15800,20 +15800,20 @@ "assignableScopes": [ "/" ], - "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", + "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Editor/Action" + "Microsoft.HealthBot/healthBots/Reader/Action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Health Bot Editor", + "roleName": "Health Bot Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15821,20 +15821,20 @@ "assignableScopes": [ "/" ], - "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", + "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", "permissions": [ { "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Reader/Action" + "Microsoft.HealthBot/healthBots/Editor/Action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Health Bot Reader", + "roleName": "Health Bot Editor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15842,26 +15842,20 @@ "assignableScopes": [ "/" ], - "description": "Allows access to all Gateway dataplane APIs.", + "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", "permissions": [ { - "actions": [ - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/", - "Microsoft.Resources/deployments/*" - ], + "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess" + "Microsoft.HealthBot/healthBots/Admin/Action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Programmable Connectivity Gateway Dataplane User", + "roleName": "Health Bot Admin", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -15869,20 +15863,26 @@ "assignableScopes": [ "/" ], - "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", + "description": "Allows access to all Gateway dataplane APIs.", "permissions": [ { - "actions": [], + "actions": [ + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/", + "Microsoft.Resources/deployments/*" + ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Admin/Action" + "Microsoft.ProgrammableConnectivity/Gateways/NetworkAPIAccess" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Health Bot Admin", + "roleName": "Azure Programmable Connectivity Gateway Dataplane User", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16163,29 +16163,6 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, - { - "assignableScopes": [ - "/" - ], - "description": "Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard", - "permissions": [ - { - "actions": [ - "Microsoft.DataProtection/*/action", - "Microsoft.DataProtection/*/read", - "Microsoft.Authorization/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ], - "roleName": "Backup MUA Operator", - "roleType": "BuiltInRole", - "type": "Microsoft.Authorization/roleDefinitions" - }, { "assignableScopes": [ "/" @@ -16232,6 +16209,29 @@ "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, + { + "assignableScopes": [ + "/" + ], + "description": "Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard", + "permissions": [ + { + "actions": [ + "Microsoft.DataProtection/*/action", + "Microsoft.DataProtection/*/read", + "Microsoft.Authorization/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ], + "roleName": "Backup MUA Operator", + "roleType": "BuiltInRole", + "type": "Microsoft.Authorization/roleDefinitions" + }, { "assignableScopes": [ "/" @@ -16266,22 +16266,24 @@ "assignableScopes": [ "/" ], - "description": "Allows for read access to ExpressRoute CrossConnections", + "description": "Allows for read, write access to ExpressRoute CrossConnections", "permissions": [ { "actions": [ - "Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read", - "Microsoft.Network/expressRouteCrossConnections/*/read", + "Microsoft.ClassicNetwork/expressRouteCrossConnections/*", + "Microsoft.Network/expressRouteCrossConnections/*", "Microsoft.Features/providers/features/read" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [], + "notActions": [ + "Microsoft.Network/expressRouteCrossConnections/delete" + ], "notDataActions": [] } ], - "roleName": "CrossConnectionReader", + "roleName": "CrossConnectionManager", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16289,24 +16291,22 @@ "assignableScopes": [ "/" ], - "description": "Allows for read, write access to ExpressRoute CrossConnections", + "description": "Allows for read access to ExpressRoute CrossConnections", "permissions": [ { "actions": [ - "Microsoft.ClassicNetwork/expressRouteCrossConnections/*", - "Microsoft.Network/expressRouteCrossConnections/*", + "Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read", + "Microsoft.Network/expressRouteCrossConnections/*/read", "Microsoft.Features/providers/features/read" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [ - "Microsoft.Network/expressRouteCrossConnections/delete" - ], + "notActions": [], "notDataActions": [] } ], - "roleName": "CrossConnectionManager", + "roleName": "CrossConnectionReader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16345,27 +16345,22 @@ "assignableScopes": [ "/" ], - "description": "Allows managing Azure API Center service.", + "description": "Allows managing API compliance in Azure API Center service.", "permissions": [ { "actions": [ - "Microsoft.ApiCenter/services/*", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.ApiCenter/services/*/read", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [ - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action" - ], + "notActions": [], "notDataActions": [] } ], - "roleName": "Azure API Center Service Contributor", + "roleName": "Azure API Center Compliance Manager", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16400,22 +16395,27 @@ "assignableScopes": [ "/" ], - "description": "Allows managing API compliance in Azure API Center service.", + "description": "Allows managing Azure API Center service.", "permissions": [ { "actions": [ - "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" + "Microsoft.ApiCenter/services/*", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [], + "notActions": [ + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action" + ], "notDataActions": [] } ], - "roleName": "Azure API Center Compliance Manager", + "roleName": "Azure API Center Service Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16450,28 +16450,19 @@ "assignableScopes": [ "/" ], - "description": "Grants full access to manage all VmCluster resources", + "description": "Grants full access to manage all Oracle Subscriptions resources", "permissions": [ { "actions": [ - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/*/write", - "Oracle.Database/cloudVmClusters/*/delete", - "Oracle.Database/cloudExadataInfrastructures/write", - "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/oracleSubscriptions/*/write", + "Oracle.Database/oracleSubscriptions/*/delete", + "Oracle.Database/oracleSubscriptions/*/action", "Oracle.Database/Locations/*/read", "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", - "Oracle.Database/oracleSubscriptions/*/read", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", - "Microsoft.Network/locations/operations/read", - "Microsoft.Compute/sshPublicKeys/read", - "Microsoft.Compute/sshPublicKeys/write", - "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -16480,7 +16471,7 @@ "notDataActions": [] } ], - "roleName": "Oracle.Database VmCluster Administrator Built-in Role", + "roleName": "Oracle Subscriptions Manager Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16488,23 +16479,20 @@ "assignableScopes": [ "/" ], - "description": "Grants read access to all Oracle.Database resources", + "description": "Grants full access to manage all Oracle.Database resources", "permissions": [ { "actions": [ - "Oracle.Database/Locations/*/read", - "Oracle.Database/Operations/read", - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/cloudExadataInfrastructures/*/read", - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", - "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", + "Oracle.Database/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*/read", - "Microsoft.Network/virtualNetworks/subnets/read", "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*" + "Microsoft.Resources/deployments/*", + "Microsoft.Compute/sshPublicKeys/read", + "Microsoft.Compute/sshPublicKeys/write", + "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" ], "condition": null, "conditionVersion": null, @@ -16513,7 +16501,7 @@ "notDataActions": [] } ], - "roleName": "Oracle.Database Reader Built-in Role", + "roleName": "Oracle.Database Owner Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16521,20 +16509,23 @@ "assignableScopes": [ "/" ], - "description": "Grants full access to manage all Oracle.Database resources", + "description": "Grants read access to all Oracle.Database resources", "permissions": [ { "actions": [ - "Oracle.Database/*", + "Oracle.Database/Locations/*/read", + "Oracle.Database/Operations/read", + "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", + "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Network/virtualNetworks/read", + "Microsoft.Resources/deployments/*/read", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Compute/sshPublicKeys/read", - "Microsoft.Compute/sshPublicKeys/write", - "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -16543,7 +16534,7 @@ "notDataActions": [] } ], - "roleName": "Oracle.Database Owner Built-in Role", + "roleName": "Oracle.Database Reader Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16551,19 +16542,28 @@ "assignableScopes": [ "/" ], - "description": "Grants full access to manage all Oracle Subscriptions resources", + "description": "Grants full access to manage all VmCluster resources", "permissions": [ { "actions": [ - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/oracleSubscriptions/*/write", - "Oracle.Database/oracleSubscriptions/*/delete", - "Oracle.Database/oracleSubscriptions/*/action", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/*/write", + "Oracle.Database/cloudVmClusters/*/delete", + "Oracle.Database/cloudExadataInfrastructures/write", + "Oracle.Database/cloudExadataInfrastructures/*/read", "Oracle.Database/Locations/*/read", "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", + "Oracle.Database/oracleSubscriptions/*/read", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/locations/operations/read", + "Microsoft.Compute/sshPublicKeys/read", + "Microsoft.Compute/sshPublicKeys/write", + "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" ], "condition": null, "conditionVersion": null, @@ -16572,7 +16572,7 @@ "notDataActions": [] } ], - "roleName": "Oracle Subscriptions Manager Built-in Role", + "roleName": "Oracle.Database VmCluster Administrator Built-in Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16621,22 +16621,23 @@ "assignableScopes": [ "/" ], - "description": "Allows for full access to Azure Messaging Catalog resources.", + "description": "Read content of config file pattern for Application Configuration Service in Azure Spring Apps", "permissions": [ { "actions": [ - "Microsoft.MessagingCatalog/*" + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/configurationServices/read" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.MessagingCatalog/*" + "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Messaging Catalog Data Owner", + "roleName": "Azure Spring Apps Application Configuration Service Config File Pattern Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16644,23 +16645,22 @@ "assignableScopes": [ "/" ], - "description": "Read content of config file pattern for Application Configuration Service in Azure Spring Apps", + "description": "Allows for full access to Azure Messaging Catalog resources.", "permissions": [ { "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/configurationServices/read" + "Microsoft.MessagingCatalog/*" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read" + "Microsoft.MessagingCatalog/*" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Application Configuration Service Config File Pattern Reader Role", + "roleName": "Azure Messaging Catalog Data Owner", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16865,20 +16865,25 @@ "assignableScopes": [ "/" ], - "description": "List instances for job executions in Azure Spring Apps", + "description": "Read real-time logs for jobs in Azure Spring Apps", "permissions": [ { - "actions": [], + "actions": [ + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/jobs/read", + "Microsoft.AppPlatform/Spring/jobs/executions/read" + ], "condition": null, "conditionVersion": null, "dataActions": [ + "Microsoft.AppPlatform/Spring/jobs/executions/logstream/action", "Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Job Execution Instance List Role", + "roleName": "Azure Spring Apps Job Log Reader Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16886,25 +16891,20 @@ "assignableScopes": [ "/" ], - "description": "Read real-time logs for jobs in Azure Spring Apps", + "description": "List instances for job executions in Azure Spring Apps", "permissions": [ { - "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/jobs/read", - "Microsoft.AppPlatform/Spring/jobs/executions/read" - ], + "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/jobs/executions/logstream/action", "Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action" ], "notActions": [], "notDataActions": [] } ], - "roleName": "Azure Spring Apps Job Log Reader Role", + "roleName": "Azure Spring Apps Job Execution Instance List Role", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16912,11 +16912,12 @@ "assignableScopes": [ "/" ], - "description": "Read-only access to Nexus Network Fabric Service", + "description": "Read-write access to Nexus Network Fabric Service", "permissions": [ { "actions": [ "Microsoft.ManagedNetworkFabric/*/read", + "Microsoft.ManagedNetworkFabric/*/write", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", @@ -16929,7 +16930,7 @@ "notDataActions": [] } ], - "roleName": "Nexus Network Fabric Service Reader", + "roleName": "Nexus Network Fabric Service Writer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16937,12 +16938,11 @@ "assignableScopes": [ "/" ], - "description": "Read-write access to Nexus Network Fabric Service", + "description": "Read-only access to Nexus Network Fabric Service", "permissions": [ { "actions": [ "Microsoft.ManagedNetworkFabric/*/read", - "Microsoft.ManagedNetworkFabric/*/write", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", @@ -16955,7 +16955,7 @@ "notDataActions": [] } ], - "roleName": "Nexus Network Fabric Service Writer", + "roleName": "Nexus Network Fabric Service Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16963,7 +16963,7 @@ "assignableScopes": [ "/" ], - "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", + "description": "Allows a user to manage deployment stacks, including those with deny assignments.", "permissions": [ { "actions": [ @@ -16971,8 +16971,7 @@ "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/write", - "Microsoft.Resources/deploymentStacks/read" + "Microsoft.Resources/deploymentStacks/*" ], "condition": null, "conditionVersion": null, @@ -16981,7 +16980,7 @@ "notDataActions": [] } ], - "roleName": "Azure Deployment Stack Contributor", + "roleName": "Azure Deployment Stack Owner", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -16989,7 +16988,7 @@ "assignableScopes": [ "/" ], - "description": "Allows a user to manage deployment stacks, including those with deny assignments.", + "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", "permissions": [ { "actions": [ @@ -16997,7 +16996,8 @@ "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/*" + "Microsoft.Resources/deploymentStacks/write", + "Microsoft.Resources/deploymentStacks/read" ], "condition": null, "conditionVersion": null, @@ -17006,7 +17006,7 @@ "notDataActions": [] } ], - "roleName": "Azure Deployment Stack Owner", + "roleName": "Azure Deployment Stack Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17085,7 +17085,7 @@ "assignableScopes": [ "/" ], - "description": "Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.", + "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing.", "permissions": [ { "actions": [], @@ -17093,15 +17093,13 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read", - "Microsoft.ContainerRegistry/registries/repositories/metadata/write", - "Microsoft.ContainerRegistry/registries/repositories/content/write" + "Microsoft.ContainerRegistry/registries/repositories/content/read" ], "notActions": [], "notDataActions": [] } ], - "roleName": "ACR Repository Writer", + "roleName": "ACR Repository Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17109,7 +17107,7 @@ "assignableScopes": [ "/" ], - "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing.", + "description": "Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.", "permissions": [ { "actions": [], @@ -17117,13 +17115,15 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read" + "Microsoft.ContainerRegistry/registries/repositories/content/read", + "Microsoft.ContainerRegistry/registries/repositories/metadata/write", + "Microsoft.ContainerRegistry/registries/repositories/content/write" ], "notActions": [], "notDataActions": [] } ], - "roleName": "ACR Repository Reader", + "roleName": "ACR Repository Writer", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17269,12 +17269,14 @@ "assignableScopes": [ "/" ], - "description": "Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.", + "description": "Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.", "permissions": [ { "actions": [ - "Microsoft.ProviderHub/*/read", + "Microsoft.ProviderHub/*", "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.ResourceHealth/availabilityStatuses/read" ], @@ -17285,7 +17287,7 @@ "notDataActions": [] } ], - "roleName": "ProviderHub Reader", + "roleName": "ProviderHub Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17293,14 +17295,12 @@ "assignableScopes": [ "/" ], - "description": "Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.", + "description": "Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.", "permissions": [ { "actions": [ - "Microsoft.ProviderHub/*", + "Microsoft.ProviderHub/*/read", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.ResourceHealth/availabilityStatuses/read" ], @@ -17311,7 +17311,7 @@ "notDataActions": [] } ], - "roleName": "ProviderHub Contributor", + "roleName": "ProviderHub Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17772,34 +17772,22 @@ "assignableScopes": [ "/" ], - "description": "Read, logstream and exec into Container Apps.", + "description": "Read access to ContainerApps jobs", "permissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.App/containerApps/*/read", - "Microsoft.App/containerApps/*/action", - "Microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "Microsoft.App/connectedEnvironments/read", - "Microsoft.App/connectedEnvironments/*/read", - "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action" + "microsoft.app/jobs/read", + "Microsoft.App/jobs/*/read", + "Microsoft.App/managedenvironments/read" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.App/containerApps/logstream/action", - "Microsoft.App/containerApps/exec/action" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } ], - "roleName": "Container Apps Operator", + "roleName": "Container Apps Jobs Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17807,17 +17795,24 @@ "assignableScopes": [ "/" ], - "description": "Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.", + "description": "Full management of Container Apps, including creation, deletion, and updates.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", + "Microsoft.App/containerApps/*/read", + "Microsoft.App/containerApps/*/write", + "Microsoft.App/containerApps/*/delete", + "Microsoft.App/containerApps/*/action", + "Microsoft.App/managedEnvironments/read", "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/*/write", - "Microsoft.App/managedEnvironments/*/delete", - "Microsoft.App/managedEnvironments/*/action", - "Microsoft.Resources/deployments/*" + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "Microsoft.App/connectedEnvironments/read", + "Microsoft.App/connectedEnvironments/*/read", + "Microsoft.App/connectedEnvironments/join/action", + "Microsoft.App/connectedEnvironments/checknameavailability/action" ], "condition": null, "conditionVersion": null, @@ -17826,7 +17821,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps ManagedEnvironments Contributor", + "roleName": "Container Apps Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17834,15 +17829,13 @@ "assignableScopes": [ "/" ], - "description": "Full management of Container Apps, including creation, deletion, and updates.", + "description": "Read, logstream and exec into Container Apps.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.App/containerApps/*/read", - "Microsoft.App/containerApps/*/write", - "Microsoft.App/containerApps/*/delete", "Microsoft.App/containerApps/*/action", "Microsoft.App/managedEnvironments/read", "Microsoft.App/managedEnvironments/*/read", @@ -17855,12 +17848,15 @@ ], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.App/containerApps/logstream/action", + "Microsoft.App/containerApps/exec/action" + ], "notActions": [], "notDataActions": [] } ], - "roleName": "Container Apps Contributor", + "roleName": "Container Apps Operator", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17868,13 +17864,13 @@ "assignableScopes": [ "/" ], - "description": "Read access to ContainerApps managedenvironments.", + "description": "Read access to ContainerApps sessionpools.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/managedEnvironments/*/read" + "Microsoft.App/sessionPools/*/read" ], "condition": null, "conditionVersion": null, @@ -17883,7 +17879,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps ManagedEnvironments Reader", + "roleName": "Container Apps SessionPools Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17891,13 +17887,25 @@ "assignableScopes": [ "/" ], - "description": "Read access to ContainerApps jobs", + "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", "permissions": [ { "actions": [ - "microsoft.app/jobs/read", - "Microsoft.App/jobs/*/read", - "Microsoft.App/managedenvironments/read" + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.App/sessionPools/*/read", + "Microsoft.App/sessionPools/*/write", + "Microsoft.App/sessionPools/*/delete", + "Microsoft.App/sessionPools/*/action", + "microsoft.App/managedEnvironments/read", + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "microsoft.App/connectedEnvironments/read", + "Microsoft.App/connectedEnvironments/*/read", + "Microsoft.App/connectedEnvironments/join/action", + "Microsoft.App/connectedEnvironments/checknameavailability/action", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -17906,7 +17914,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps Jobs Reader", + "roleName": "Container Apps SessionPools Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17914,13 +17922,17 @@ "assignableScopes": [ "/" ], - "description": "Read access to ContainerApps sessionpools.", + "description": "Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read" + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/*/write", + "Microsoft.App/managedEnvironments/*/delete", + "Microsoft.App/managedEnvironments/*/action", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -17929,7 +17941,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps SessionPools Reader", + "roleName": "Container Apps ManagedEnvironments Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17937,26 +17949,13 @@ "assignableScopes": [ "/" ], - "description": "Full management of Container Apps jobs, including creation, deletion, and updates.", + "description": "Read access to ContainerApps managedenvironments.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "microsoft.app/jobs/read", - "Microsoft.App/jobs/*/read", - "Microsoft.App/jobs/*/action", - "Microsoft.App/jobs/write", - "Microsoft.App/jobs/delete", - "Microsoft.app/managedenvironments/read", - "Microsoft.App/managedenvironments/*/read", - "Microsoft.App/managedenvironments/join/action", - "Microsoft.App/managedenvironments/checknameavailability/action", - "Microsoft.app/connectedEnvironments/read", - "Microsoft.App/connectedEnvironments/*/read", - "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action", - "Microsoft.Resources/deployments/*" + "Microsoft.App/managedEnvironments/*/read" ], "condition": null, "conditionVersion": null, @@ -17965,7 +17964,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps Jobs Contributor", + "roleName": "Container Apps ManagedEnvironments Reader", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, @@ -17973,21 +17972,22 @@ "assignableScopes": [ "/" ], - "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", + "description": "Full management of Container Apps jobs, including creation, deletion, and updates.", "permissions": [ { "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read", - "Microsoft.App/sessionPools/*/write", - "Microsoft.App/sessionPools/*/delete", - "Microsoft.App/sessionPools/*/action", - "microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "microsoft.App/connectedEnvironments/read", + "microsoft.app/jobs/read", + "Microsoft.App/jobs/*/read", + "Microsoft.App/jobs/*/action", + "Microsoft.App/jobs/write", + "Microsoft.App/jobs/delete", + "Microsoft.app/managedenvironments/read", + "Microsoft.App/managedenvironments/*/read", + "Microsoft.App/managedenvironments/join/action", + "Microsoft.App/managedenvironments/checknameavailability/action", + "Microsoft.app/connectedEnvironments/read", "Microsoft.App/connectedEnvironments/*/read", "Microsoft.App/connectedEnvironments/join/action", "Microsoft.App/connectedEnvironments/checknameavailability/action", @@ -18000,7 +18000,7 @@ "notDataActions": [] } ], - "roleName": "Container Apps SessionPools Contributor", + "roleName": "Container Apps Jobs Contributor", "roleType": "BuiltInRole", "type": "Microsoft.Authorization/roleDefinitions" }, diff --git a/azure/built-in-roles.json b/azure/built-in-roles.json index 7201cc8f9..f877942f1 100644 --- a/azure/built-in-roles.json +++ b/azure/built-in-roles.json @@ -13712,6 +13712,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Gets a network interface definition. ", "displayName": "Get Network Interface", @@ -36201,6 +36348,34 @@ "name": "Microsoft.CognitiveServices/accounts/ComputerVision/videoanalysis/indexes/read", "providerDisplayName": "Microsoft Cognitive Services", "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Create consent.", + "displayName": "Create consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/write", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read consent.", + "displayName": "Read consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Delete consent.", + "displayName": "Delete consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/delete", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read default consent template.", + "displayName": "Read default consent template.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/DefaultConsentTemplates/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" } ], "rawPermissions": [ @@ -39967,6 +40142,20 @@ "name": "Microsoft.CognitiveServices/accounts/ComputerVision/videoanalysis/indexes/read", "providerDisplayName": "Microsoft Cognitive Services", "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read consent.", + "displayName": "Read consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read default consent template.", + "displayName": "Read default consent template.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/DefaultConsentTemplates/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" } ], "rawPermissions": [ @@ -81579,6 +81768,13 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Join Application Gateway Web Application Firewall Policy. Not alertable", + "displayName": "Join Application Gateway Web Application Firewall Policy", + "name": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Attaches Web application firewall policy to application gateway for containers", "displayName": "Attaches Web application firewall policy to application gateway for containers", @@ -84428,6 +84624,195 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Configuration", + "displayName": "Create Or Update Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Configuration", + "displayName": "Delete Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Rule Collection", + "displayName": "Create Or Update Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Rule Collection", + "displayName": "Delete Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Rule", + "displayName": "Create Or Update Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Rule", + "displayName": "Delete Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Registers the subscription for the NotifciationHubs resource provider and enables the creation of Namespaces and NotificationHubs", "displayName": "Registers the NotificationHubs Provider", @@ -151550,62 +151935,6 @@ "name": "Microsoft.AzureImageTestingForLinux/jobs/delete", "providerDisplayName": "Microsoft.AzureImageTestingForLinux", "providerName": "Microsoft.AzureImageTestingForLinux" - }, - { - "description": "Register the subscription for Microsoft.MobilePacketCore", - "displayName": "Register the Microsoft.MobilePacketCore", - "name": "Microsoft.MobilePacketCore/register/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "Unregister the subscription for Microsoft.MobilePacketCore", - "displayName": "Unregister the Microsoft.MobilePacketCore", - "name": "Microsoft.MobilePacketCore/unregister/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action safeDeploymentContinue", - "displayName": "MobilePacketCores_SafeDeploymentContinue", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/safeDeploymentContinue/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action whatIfActivate", - "displayName": "MobilePacketCores_WhatIfActivate", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/whatIfActivate/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action whatIfSnapshot", - "displayName": "MobilePacketCores_WhatIfSnapshot", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/whatIfSnapshot/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action getResource", - "displayName": "ConfigSnapshots_GetResource", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getResource/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action getSummaryOfChanges", - "displayName": "ConfigSnapshots_GetSummaryOfChanges", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getSummaryOfChanges/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action getManifest", - "displayName": "ConfigSnapshots_GetManifest", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getManifest/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" } ], "permittedDataActions": [], @@ -187572,6 +187901,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -236640,6 +237116,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -293934,6 +294557,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -342978,6 +343748,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -393412,6 +394329,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -428141,6 +429205,13 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Join Application Gateway Web Application Firewall Policy. Not alertable", + "displayName": "Join Application Gateway Web Application Firewall Policy", + "name": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Attaches Web application firewall policy to application gateway for containers", "displayName": "Attaches Web application firewall policy to application gateway for containers", @@ -430990,6 +432061,195 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Configuration", + "displayName": "Create Or Update Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Configuration", + "displayName": "Delete Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Rule Collection", + "displayName": "Create Or Update Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Rule Collection", + "displayName": "Delete Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Rule", + "displayName": "Create Or Update Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Rule", + "displayName": "Delete Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Gets the availability statuses for all resources in the specified scope", "displayName": "Get Availability Statuses", @@ -472267,6 +473527,13 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Join Application Gateway Web Application Firewall Policy. Not alertable", + "displayName": "Join Application Gateway Web Application Firewall Policy", + "name": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Attaches Web application firewall policy to application gateway for containers", "displayName": "Attaches Web application firewall policy to application gateway for containers", @@ -475116,6 +476383,195 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Configuration", + "displayName": "Create Or Update Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Configuration", + "displayName": "Delete Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Rule Collection", + "displayName": "Create Or Update Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Rule Collection", + "displayName": "Delete Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create Or Update Routing Rule", + "displayName": "Create Or Update Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete Routing Rule", + "displayName": "Delete Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Registers the subscription for the NotifciationHubs resource provider and enables the creation of Namespaces and NotificationHubs", "displayName": "Registers the NotificationHubs Provider", @@ -542273,62 +543729,6 @@ "name": "Microsoft.AzureImageTestingForLinux/jobs/delete", "providerDisplayName": "Microsoft.AzureImageTestingForLinux", "providerName": "Microsoft.AzureImageTestingForLinux" - }, - { - "description": "Register the subscription for Microsoft.MobilePacketCore", - "displayName": "Register the Microsoft.MobilePacketCore", - "name": "Microsoft.MobilePacketCore/register/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "Unregister the subscription for Microsoft.MobilePacketCore", - "displayName": "Unregister the Microsoft.MobilePacketCore", - "name": "Microsoft.MobilePacketCore/unregister/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action safeDeploymentContinue", - "displayName": "MobilePacketCores_SafeDeploymentContinue", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/safeDeploymentContinue/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action whatIfActivate", - "displayName": "MobilePacketCores_WhatIfActivate", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/whatIfActivate/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action whatIfSnapshot", - "displayName": "MobilePacketCores_WhatIfSnapshot", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/whatIfSnapshot/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action getResource", - "displayName": "ConfigSnapshots_GetResource", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getResource/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action getSummaryOfChanges", - "displayName": "ConfigSnapshots_GetSummaryOfChanges", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getSummaryOfChanges/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" - }, - { - "description": "action getManifest", - "displayName": "ConfigSnapshots_GetManifest", - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getManifest/action", - "providerDisplayName": "Microsoft.MobilePacketCore", - "providerName": "Microsoft.MobilePacketCore" } ], "permittedDataActions": [], @@ -560852,6 +562252,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -610582,6 +612129,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -656282,6 +657976,20 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the virtual network definition", "displayName": "Get Virtual Network", @@ -656688,6 +658396,20 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -684920,6 +686642,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -785252,6 +787121,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -858765,6 +860781,34 @@ "providerDisplayName": "Microsoft Cognitive Services", "providerName": "Microsoft.CognitiveServices" }, + { + "description": "Create consent.", + "displayName": "Create consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/write", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read consent.", + "displayName": "Read consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Delete consent.", + "displayName": "Delete consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/delete", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read default consent template.", + "displayName": "Read default consent template.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/DefaultConsentTemplates/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, { "description": "Gets one or more custom avatar projects.", "displayName": "Read Projects", @@ -914501,6 +916545,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -953859,6 +956050,34 @@ "providerDisplayName": "Microsoft Cognitive Services", "providerName": "Microsoft.CognitiveServices" }, + { + "description": "Create consent.", + "displayName": "Create consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/write", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read consent.", + "displayName": "Read consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Delete consent.", + "displayName": "Delete consent.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/delete", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, + { + "description": "Read default consent template.", + "displayName": "Read default consent template.", + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/DefaultConsentTemplates/read", + "providerDisplayName": "Microsoft Cognitive Services", + "providerName": "Microsoft.CognitiveServices" + }, { "description": "Gets one or more custom avatar projects.", "displayName": "Read Projects", @@ -958580,109 +960799,11 @@ ] }, { - "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", + "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm VM Contributor", + "name": "Azure Arc ScVmm Private Cloud User", "permittedActions": [ - { - "description": "Deletes virtualmachines", - "displayName": "Deletes virtualmachines resource", - "name": "Microsoft.SCVMM/virtualmachines/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Retrieves information about a virtual machine instance.", - "displayName": "VirtualMachineInstances_Get", - "name": "Microsoft.SCVMM/virtualMachineInstances/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to create or update a virtual machine instance. Please note some properties can be set only during virtual machine instance creation.", - "displayName": "VirtualMachineInstances_CreateOrUpdate", - "name": "Microsoft.SCVMM/virtualMachineInstances/write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to delete a virtual machine instance.", - "displayName": "VirtualMachineInstances_Delete", - "name": "Microsoft.SCVMM/virtualMachineInstances/delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to power off (stop) a virtual machine instance.", - "displayName": "VirtualMachineInstances_Stop", - "name": "Microsoft.SCVMM/virtualMachineInstances/stop/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to start a virtual machine instance.", - "displayName": "VirtualMachineInstances_Start", - "name": "Microsoft.SCVMM/virtualMachineInstances/start/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "The operation to restart a virtual machine instance.", - "displayName": "VirtualMachineInstances_Restart", - "name": "Microsoft.SCVMM/virtualMachineInstances/restart/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Creates a checkpoint in virtual machine instance.", - "displayName": "VirtualMachineInstances_CreateCheckpoint", - "name": "Microsoft.SCVMM/virtualMachineInstances/createCheckpoint/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes a checkpoint in virtual machine instance.", - "displayName": "VirtualMachineInstances_DeleteCheckpoint", - "name": "Microsoft.SCVMM/virtualMachineInstances/deleteCheckpoint/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Restores to a checkpoint in virtual machine instance.", - "displayName": "VirtualMachineInstances_RestoreCheckpoint", - "name": "Microsoft.SCVMM/virtualMachineInstances/restoreCheckpoint/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Implements HybridIdentityMetadata GET method.", - "displayName": "VirtualMachineInstanceHybridIdentityMetadata_Get", - "name": "Microsoft.SCVMM/virtualMachineInstances/hybridIdentityMetadata/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Implements GuestAgent GET method.", - "displayName": "VMInstanceGuestAgents_Get", - "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Create Or Update GuestAgent.", - "displayName": "VMInstanceGuestAgents_Create", - "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Implements GuestAgent DELETE method.", - "displayName": "VMInstanceGuestAgents_Delete", - "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, { "description": "Create or update a classic metric alert", "displayName": "Create or update classic metric alert", @@ -959041,229 +961162,73 @@ "providerName": "Microsoft.Resources" }, { - "description": "Gets an Custom Location resource", - "displayName": "Get Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Deploy permissions to a Custom Location resource", - "displayName": "Deploy permissions to Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Read any Azure Arc machines", - "displayName": "Read Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Writes an Azure Arc machines", - "displayName": "Write Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc machines", - "displayName": "Delete Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Upgrades Extensions on Azure Arc machines", - "displayName": "Upgrade Extensions on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Assesses any Azure Arc machines to get missing software patches", - "displayName": "Assess Azure Arc machines to get missing software patches", - "name": "Microsoft.HybridCompute/machines/assessPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs patches on any Azure Arc machines", - "displayName": "Install patches on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/installPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc extensions", - "displayName": "Read Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc extensions", - "displayName": "Install or Update an Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc extensions", - "displayName": "Delete Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Operations for Azure Arc for Servers", - "displayName": "Read all Operations", - "name": "Microsoft.HybridCompute/operations/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationresults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationstatus/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults", - "displayName": "Read Azure Arc patchAssessmentResults", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", - "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults", - "displayName": "Read Azure Arc patchInstallationResults", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", - "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an update center operation on machines", - "displayName": "Read Update Center Operation Results", - "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read any Azure Arc machines's Hybrid Identity Metadata", - "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", - "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Azure Connected Machine Agent versions available", - "displayName": "Read all Azure Connected Machine Agent versions available", - "name": "Microsoft.HybridCompute/osType/agentVersions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read the latest Azure Connected Machine Agent version", - "displayName": "Read the latest Azure Connected Machine Agent version", - "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc runcommands", - "displayName": "Read Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Join virtual network.", + "displayName": "Join virtual network.", + "name": "Microsoft.SCVMM/virtualnetworks/join/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" }, { - "description": "Installs or Updates an Azure Arc runcommands", - "displayName": "Install or Update an Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Read virtualnetworks", + "displayName": "Gets/List virtualnetworks resources", + "name": "Microsoft.SCVMM/virtualnetworks/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" }, { - "description": "Deletes an Azure Arc runcommands", - "displayName": "Delete Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Clones virtualmachinetemplates", + "displayName": "Clones virtualmachinetemplates resource", + "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" }, { - "description": "Reads any Azure Arc licenseProfiles", - "displayName": "Read Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Read virtualmachinetemplates", + "displayName": "Gets/List virtualmachinetemplates resources", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" }, { - "description": "Installs or Updates an Azure Arc licenseProfiles", - "displayName": "Install or Update an Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Deploy on resource pool.", + "displayName": "Deploy on resource pool.", + "name": "Microsoft.SCVMM/clouds/deploy/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" }, { - "description": "Deletes an Azure Arc licenseProfiles", - "displayName": "Delete Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Read clouds", + "displayName": "Gets/List clouds resources", + "name": "Microsoft.SCVMM/clouds/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" }, { - "description": "Reads any Azure Arc licenses", - "displayName": "Read Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets an Custom Location resource", + "displayName": "Get Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" }, { - "description": "Installs or Updates an Azure Arc licenses", - "displayName": "Install or Update an Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Deploy permissions to a Custom Location resource", + "displayName": "Deploy permissions to Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" }, { - "description": "Deletes an Azure Arc licenses", - "displayName": "Delete Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" + "description": "Gets EnabledResourceTypes for a Custom Location resource", + "displayName": "Get EnabledResourceTypes for Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "microsoft.scvmm/virtualmachines/*", - "microsoft.scvmm/virtualMachineInstances/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -959289,37 +961254,15 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", + "microsoft.scvmm/virtualnetworks/join/action", + "microsoft.scvmm/virtualnetworks/Read", + "microsoft.scvmm/virtualmachinetemplates/clone/action", + "microsoft.scvmm/virtualmachinetemplates/Read", + "microsoft.scvmm/clouds/deploy/action", + "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete" + "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" ], "condition": null, "conditionVersion": null, @@ -959330,74 +961273,11 @@ ] }, { - "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", + "description": "Arc ScVmm VM Contributor has permissions to perform all VM actions.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm Administrator role", + "name": "Azure Arc ScVmm VM Contributor", "permittedActions": [ - { - "description": "unregister RP.", - "displayName": "unregister RP.", - "name": "Microsoft.SCVMM/unregister/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "register RP.", - "displayName": "register RP.", - "name": "Microsoft.SCVMM/register/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read vmmservers", - "displayName": "Gets/List vmmservers resources", - "name": "Microsoft.SCVMM/vmmservers/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes vmmservers", - "displayName": "Create/update vmmservers resources", - "name": "Microsoft.SCVMM/vmmservers/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes vmmservers", - "displayName": "Deletes vmmservers resource", - "name": "Microsoft.SCVMM/vmmservers/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read clouds", - "displayName": "Gets/List clouds resources", - "name": "Microsoft.SCVMM/clouds/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes clouds", - "displayName": "Create/update clouds resources", - "name": "Microsoft.SCVMM/clouds/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes clouds", - "displayName": "Deletes clouds resource", - "name": "Microsoft.SCVMM/clouds/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deploy on resource pool.", - "displayName": "Deploy on resource pool.", - "name": "Microsoft.SCVMM/clouds/deploy/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, { "description": "Deletes virtualmachines", "displayName": "Deletes virtualmachines resource", @@ -959405,139 +961285,6 @@ "providerDisplayName": "Microsoft.SCVMM", "providerName": "Microsoft.SCVMM" }, - { - "description": "Read virtualmachinetemplates", - "displayName": "Gets/List virtualmachinetemplates resources", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes virtualmachinetemplates", - "displayName": "Create/update virtualmachinetemplates resources", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes virtualmachinetemplates", - "displayName": "Deletes virtualmachinetemplates resource", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Clones virtualmachinetemplates", - "displayName": "Clones virtualmachinetemplates resource", - "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read virtualnetworks", - "displayName": "Gets/List virtualnetworks resources", - "name": "Microsoft.SCVMM/virtualnetworks/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes virtualnetworks", - "displayName": "Create/update virtualnetworks resources", - "name": "Microsoft.SCVMM/virtualnetworks/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes virtualnetworks", - "displayName": "Deletes virtualnetworks resource", - "name": "Microsoft.SCVMM/virtualnetworks/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Join virtual network.", - "displayName": "Join virtual network.", - "name": "Microsoft.SCVMM/virtualnetworks/join/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read availabilitySets", - "displayName": "Gets/List availabilitySets resources", - "name": "Microsoft.SCVMM/availabilitySets/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes availabilitySets", - "displayName": "Create/update availabilitySets resources", - "name": "Microsoft.SCVMM/availabilitySets/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes availabilitySets", - "displayName": "Deletes availabilitySets resource", - "name": "Microsoft.SCVMM/availabilitySets/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Deletes vmmserver inventoryitems", - "displayName": "Deletes vmmservers inventoryitems resource", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Delete", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read vmmserver inventoryitems", - "displayName": "Gets/List vmmservers inventoryitems resources", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Writes vmmservers inventoryitems", - "displayName": "Create/update vmmservers inventoryitems resources", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Onboards vmmservers inventoryitems", - "displayName": "Onboards vmmservers inventoryitems resources", - "name": "Microsoft.SCVMM/vmmservers/inventoryitems/onboard/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read operationstatus.", - "displayName": "Read operationstatus.", - "name": "Microsoft.SCVMM/locations/operationstatuses/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Write operationstatus.", - "displayName": "Write operationstatus.", - "name": "Microsoft.SCVMM/locations/operationstatuses/write", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Read operations.", - "displayName": "Read operations.", - "name": "Microsoft.SCVMM/operations/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, - { - "description": "Get skus.", - "displayName": "Get skus.", - "name": "Microsoft.SCVMM/skus/read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" - }, { "description": "Retrieves information about a virtual machine instance.", "displayName": "VirtualMachineInstances_Get", @@ -960208,7 +961955,8 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ScVmm/*", + "microsoft.scvmm/virtualmachines/*", + "microsoft.scvmm/virtualMachineInstances/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -960717,11 +962465,305 @@ ] }, { - "description": "Azure Arc ScVmm Private Cloud User has permissions to use the ScVmm resources to deploy VMs.", + "description": "Arc ScVmm VM Administrator has permissions to perform all ScVmm actions.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Arc ScVmm Private Cloud User", + "name": "Azure Arc ScVmm Administrator role", "permittedActions": [ + { + "description": "unregister RP.", + "displayName": "unregister RP.", + "name": "Microsoft.SCVMM/unregister/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "register RP.", + "displayName": "register RP.", + "name": "Microsoft.SCVMM/register/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read vmmservers", + "displayName": "Gets/List vmmservers resources", + "name": "Microsoft.SCVMM/vmmservers/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes vmmservers", + "displayName": "Create/update vmmservers resources", + "name": "Microsoft.SCVMM/vmmservers/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes vmmservers", + "displayName": "Deletes vmmservers resource", + "name": "Microsoft.SCVMM/vmmservers/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read clouds", + "displayName": "Gets/List clouds resources", + "name": "Microsoft.SCVMM/clouds/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes clouds", + "displayName": "Create/update clouds resources", + "name": "Microsoft.SCVMM/clouds/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes clouds", + "displayName": "Deletes clouds resource", + "name": "Microsoft.SCVMM/clouds/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deploy on resource pool.", + "displayName": "Deploy on resource pool.", + "name": "Microsoft.SCVMM/clouds/deploy/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes virtualmachines", + "displayName": "Deletes virtualmachines resource", + "name": "Microsoft.SCVMM/virtualmachines/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read virtualmachinetemplates", + "displayName": "Gets/List virtualmachinetemplates resources", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes virtualmachinetemplates", + "displayName": "Create/update virtualmachinetemplates resources", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes virtualmachinetemplates", + "displayName": "Deletes virtualmachinetemplates resource", + "name": "Microsoft.SCVMM/virtualmachinetemplates/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Clones virtualmachinetemplates", + "displayName": "Clones virtualmachinetemplates resource", + "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read virtualnetworks", + "displayName": "Gets/List virtualnetworks resources", + "name": "Microsoft.SCVMM/virtualnetworks/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes virtualnetworks", + "displayName": "Create/update virtualnetworks resources", + "name": "Microsoft.SCVMM/virtualnetworks/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes virtualnetworks", + "displayName": "Deletes virtualnetworks resource", + "name": "Microsoft.SCVMM/virtualnetworks/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Join virtual network.", + "displayName": "Join virtual network.", + "name": "Microsoft.SCVMM/virtualnetworks/join/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read availabilitySets", + "displayName": "Gets/List availabilitySets resources", + "name": "Microsoft.SCVMM/availabilitySets/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes availabilitySets", + "displayName": "Create/update availabilitySets resources", + "name": "Microsoft.SCVMM/availabilitySets/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes availabilitySets", + "displayName": "Deletes availabilitySets resource", + "name": "Microsoft.SCVMM/availabilitySets/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes vmmserver inventoryitems", + "displayName": "Deletes vmmservers inventoryitems resource", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read vmmserver inventoryitems", + "displayName": "Gets/List vmmservers inventoryitems resources", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Writes vmmservers inventoryitems", + "displayName": "Create/update vmmservers inventoryitems resources", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/Write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Onboards vmmservers inventoryitems", + "displayName": "Onboards vmmservers inventoryitems resources", + "name": "Microsoft.SCVMM/vmmservers/inventoryitems/onboard/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read operationstatus.", + "displayName": "Read operationstatus.", + "name": "Microsoft.SCVMM/locations/operationstatuses/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Write operationstatus.", + "displayName": "Write operationstatus.", + "name": "Microsoft.SCVMM/locations/operationstatuses/write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Read operations.", + "displayName": "Read operations.", + "name": "Microsoft.SCVMM/operations/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Get skus.", + "displayName": "Get skus.", + "name": "Microsoft.SCVMM/skus/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Retrieves information about a virtual machine instance.", + "displayName": "VirtualMachineInstances_Get", + "name": "Microsoft.SCVMM/virtualMachineInstances/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to create or update a virtual machine instance. Please note some properties can be set only during virtual machine instance creation.", + "displayName": "VirtualMachineInstances_CreateOrUpdate", + "name": "Microsoft.SCVMM/virtualMachineInstances/write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to delete a virtual machine instance.", + "displayName": "VirtualMachineInstances_Delete", + "name": "Microsoft.SCVMM/virtualMachineInstances/delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to power off (stop) a virtual machine instance.", + "displayName": "VirtualMachineInstances_Stop", + "name": "Microsoft.SCVMM/virtualMachineInstances/stop/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to start a virtual machine instance.", + "displayName": "VirtualMachineInstances_Start", + "name": "Microsoft.SCVMM/virtualMachineInstances/start/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "The operation to restart a virtual machine instance.", + "displayName": "VirtualMachineInstances_Restart", + "name": "Microsoft.SCVMM/virtualMachineInstances/restart/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Creates a checkpoint in virtual machine instance.", + "displayName": "VirtualMachineInstances_CreateCheckpoint", + "name": "Microsoft.SCVMM/virtualMachineInstances/createCheckpoint/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Deletes a checkpoint in virtual machine instance.", + "displayName": "VirtualMachineInstances_DeleteCheckpoint", + "name": "Microsoft.SCVMM/virtualMachineInstances/deleteCheckpoint/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Restores to a checkpoint in virtual machine instance.", + "displayName": "VirtualMachineInstances_RestoreCheckpoint", + "name": "Microsoft.SCVMM/virtualMachineInstances/restoreCheckpoint/action", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Implements HybridIdentityMetadata GET method.", + "displayName": "VirtualMachineInstanceHybridIdentityMetadata_Get", + "name": "Microsoft.SCVMM/virtualMachineInstances/hybridIdentityMetadata/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Implements GuestAgent GET method.", + "displayName": "VMInstanceGuestAgents_Get", + "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/read", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Create Or Update GuestAgent.", + "displayName": "VMInstanceGuestAgents_Create", + "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/write", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, + { + "description": "Implements GuestAgent DELETE method.", + "displayName": "VMInstanceGuestAgents_Delete", + "name": "Microsoft.SCVMM/virtualMachineInstances/guestAgents/delete", + "providerDisplayName": "Microsoft.SCVMM", + "providerName": "Microsoft.SCVMM" + }, { "description": "Create or update a classic metric alert", "displayName": "Create or update classic metric alert", @@ -961080,73 +963122,228 @@ "providerName": "Microsoft.Resources" }, { - "description": "Join virtual network.", - "displayName": "Join virtual network.", - "name": "Microsoft.SCVMM/virtualnetworks/join/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Gets an Custom Location resource", + "displayName": "Get Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" }, { - "description": "Read virtualnetworks", - "displayName": "Gets/List virtualnetworks resources", - "name": "Microsoft.SCVMM/virtualnetworks/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Deploy permissions to a Custom Location resource", + "displayName": "Deploy permissions to Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" }, { - "description": "Clones virtualmachinetemplates", - "displayName": "Clones virtualmachinetemplates resource", - "name": "Microsoft.SCVMM/virtualmachinetemplates/clone/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Read any Azure Arc machines", + "displayName": "Read Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Read virtualmachinetemplates", - "displayName": "Gets/List virtualmachinetemplates resources", - "name": "Microsoft.SCVMM/virtualmachinetemplates/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Writes an Azure Arc machines", + "displayName": "Write Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploy on resource pool.", - "displayName": "Deploy on resource pool.", - "name": "Microsoft.SCVMM/clouds/deploy/action", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Deletes an Azure Arc machines", + "displayName": "Delete Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Read clouds", - "displayName": "Gets/List clouds resources", - "name": "Microsoft.SCVMM/clouds/Read", - "providerDisplayName": "Microsoft.SCVMM", - "providerName": "Microsoft.SCVMM" + "description": "Upgrades Extensions on Azure Arc machines", + "displayName": "Upgrade Extensions on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets an Custom Location resource", - "displayName": "Get Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" + "description": "Assesses any Azure Arc machines to get missing software patches", + "displayName": "Assess Azure Arc machines to get missing software patches", + "name": "Microsoft.HybridCompute/machines/assessPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Deploy permissions to a Custom Location resource", - "displayName": "Deploy permissions to Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" + "description": "Installs patches on any Azure Arc machines", + "displayName": "Install patches on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/installPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" }, { - "description": "Gets EnabledResourceTypes for a Custom Location resource", - "displayName": "Get EnabledResourceTypes for Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" + "description": "Reads any Azure Arc extensions", + "displayName": "Read Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc extensions", + "displayName": "Install or Update an Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc extensions", + "displayName": "Delete Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Operations for Azure Arc for Servers", + "displayName": "Read all Operations", + "name": "Microsoft.HybridCompute/operations/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationresults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationstatus/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults", + "displayName": "Read Azure Arc patchAssessmentResults", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", + "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults", + "displayName": "Read Azure Arc patchInstallationResults", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", + "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an update center operation on machines", + "displayName": "Read Update Center Operation Results", + "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read any Azure Arc machines's Hybrid Identity Metadata", + "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", + "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Azure Connected Machine Agent versions available", + "displayName": "Read all Azure Connected Machine Agent versions available", + "name": "Microsoft.HybridCompute/osType/agentVersions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read the latest Azure Connected Machine Agent version", + "displayName": "Read the latest Azure Connected Machine Agent version", + "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc runcommands", + "displayName": "Read Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc runcommands", + "displayName": "Install or Update an Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc runcommands", + "displayName": "Delete Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenseProfiles", + "displayName": "Read Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenseProfiles", + "displayName": "Install or Update an Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenseProfiles", + "displayName": "Delete Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenses", + "displayName": "Read Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenses", + "displayName": "Install or Update an Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenses", + "displayName": "Delete Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.ScVmm/*", "Microsoft.Insights/AlertRules/Write", "Microsoft.Insights/AlertRules/Delete", "Microsoft.Insights/AlertRules/Read", @@ -961172,15 +963369,37 @@ "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/operationresults/read", - "microsoft.scvmm/virtualnetworks/join/action", - "microsoft.scvmm/virtualnetworks/Read", - "microsoft.scvmm/virtualmachinetemplates/clone/action", - "microsoft.scvmm/virtualmachinetemplates/Read", - "microsoft.scvmm/clouds/deploy/action", - "microsoft.scvmm/clouds/Read", "Microsoft.ExtendedLocation/customLocations/Read", "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.ExtendedLocation/customLocations/enabledresourcetypes/read" + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete" ], "condition": null, "conditionVersion": null, @@ -961191,10 +963410,10 @@ ] }, { - "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", + "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", "hasExternal": false, "hasUnknown": false, - "name": "HDInsight on AKS Cluster Pool Admin", + "name": "HDInsight on AKS Cluster Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -961400,44 +963619,86 @@ "providerName": "Microsoft.HDInsight" }, { - "description": "Delete a HDInsight on AKS Cluster Pool", - "displayName": "Delete Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/delete", + "description": "Delete a HDInsight on AKS cluster", + "displayName": "Delete HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/delete", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Get details about HDInsight on AKS Cluster Pool", - "displayName": "Read Cluster Pool Details", - "name": "Microsoft.HDInsight/clusterPools/read", + "description": "Resize a HDInsight on AKS Cluster", + "displayName": "Resize HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/resize/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Create or Update HDInsight on AKS Cluster Pool", - "displayName": "Create or Update Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/write", + "description": "Get details about HDInsight on AKS Cluster Instance View", + "displayName": "Read Instance View Details", + "name": "Microsoft.HDInsight/clusterPools/clusters/instanceviews/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", - "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/availableupgrades/read", + "description": "List HDInsight on AKS Cluster Jobs", + "displayName": "List HDInsight on AKS Cluster Jobs", + "name": "Microsoft.HDInsight/clusterPools/clusters/jobs/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Upgrade HDInsight on AKS Cluster Pool", - "displayName": "Upgrade HDInsight on AKS Cluster Pool", - "name": "Microsoft.HDInsight/clusterPools/upgrade/action", + "description": "Run HDInsight on AKS Cluster Job", + "displayName": "Run HDInsight on AKS Cluster Job", + "name": "Microsoft.HDInsight/clusterPools/clusters/runjob/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Read HDInsight on AKS Cluster Pool Upgrade Histories", - "displayName": "Read HDInsight on AKS Cluster Pool Upgrade Histories", - "name": "Microsoft.HDInsight/clusterPools/upgradehistories/read", + "description": "Get details about HDInsight on AKS Cluster Service Configurations", + "displayName": "Read Service Configurations Details", + "name": "Microsoft.HDInsight/clusterPools/clusters/serviceconfigs/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster", + "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Upgrade HDInsight on AKS Cluster", + "displayName": "Upgrade HDInsight on AKS Cluster", + "name": "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Rollback HDInsight on AKS Cluster Upgrade", + "displayName": "Rollback HDInsight on AKS Cluster Upgrade", + "name": "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Read HDInsight on AKS Cluster Upgrade Histories", + "displayName": "Read HDInsight on AKS Cluster Upgrade Histories", + "name": "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Read HDInsight on AKS Cluster Libaries", + "displayName": "Read HDInsight on AKS Cluster Libraries", + "name": "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "providerDisplayName": "Microsoft.HDInsight", + "providerName": "Microsoft.HDInsight" + }, + { + "description": "Manage HDInsight on AKS Cluster Libaries", + "displayName": "Manage HDInsight on AKS Cluster Libraries", + "name": "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, @@ -961455,13 +963716,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -961483,6 +963737,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Creates or updates an deployment.", "displayName": "Create Deployment", @@ -961497,13 +963758,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -961603,20 +963857,25 @@ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/delete", - "Microsoft.HDInsight/clusterPools/read", - "Microsoft.HDInsight/clusterPools/write", - "Microsoft.HDInsight/clusterpools/availableupgrades/read", - "Microsoft.HDInsight/clusterpools/upgrade/action", - "Microsoft.HDInsight/clusterPools/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/delete", + "Microsoft.HDInsight/clusterPools/clusters/resize/action", + "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", + "Microsoft.HDInsight/clusterPools/clusters/jobs/read", + "Microsoft.HDInsight/clusterPools/clusters/runjob/action", + "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", + "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -961640,10 +963899,10 @@ ] }, { - "description": "Grants a user/group the ability to create, delete and manage clusters within a given cluster pool. Cluster Admin can also run workloads, monitor, and manage all user activity on these clusters.", + "description": "Can read, create, modify and delete HDInsight on AKS cluster pools and create clusters", "hasExternal": false, "hasUnknown": false, - "name": "HDInsight on AKS Cluster Admin", + "name": "HDInsight on AKS Cluster Pool Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -961849,86 +964108,44 @@ "providerName": "Microsoft.HDInsight" }, { - "description": "Delete a HDInsight on AKS cluster", - "displayName": "Delete HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/delete", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Resize a HDInsight on AKS Cluster", - "displayName": "Resize HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/resize/action", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Get details about HDInsight on AKS Cluster Instance View", - "displayName": "Read Instance View Details", - "name": "Microsoft.HDInsight/clusterPools/clusters/instanceviews/read", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "List HDInsight on AKS Cluster Jobs", - "displayName": "List HDInsight on AKS Cluster Jobs", - "name": "Microsoft.HDInsight/clusterPools/clusters/jobs/read", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Run HDInsight on AKS Cluster Job", - "displayName": "Run HDInsight on AKS Cluster Job", - "name": "Microsoft.HDInsight/clusterPools/clusters/runjob/action", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Get details about HDInsight on AKS Cluster Service Configurations", - "displayName": "Read Service Configurations Details", - "name": "Microsoft.HDInsight/clusterPools/clusters/serviceconfigs/read", - "providerDisplayName": "Microsoft.HDInsight", - "providerName": "Microsoft.HDInsight" - }, - { - "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster", - "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", + "description": "Delete a HDInsight on AKS Cluster Pool", + "displayName": "Delete Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/delete", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Upgrade HDInsight on AKS Cluster", - "displayName": "Upgrade HDInsight on AKS Cluster", - "name": "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", + "description": "Get details about HDInsight on AKS Cluster Pool", + "displayName": "Read Cluster Pool Details", + "name": "Microsoft.HDInsight/clusterPools/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Rollback HDInsight on AKS Cluster Upgrade", - "displayName": "Rollback HDInsight on AKS Cluster Upgrade", - "name": "Microsoft.HDInsight/clusterPools/clusters/rollback/action", + "description": "Create or Update HDInsight on AKS Cluster Pool", + "displayName": "Create or Update Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/write", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Read HDInsight on AKS Cluster Upgrade Histories", - "displayName": "Read HDInsight on AKS Cluster Upgrade Histories", - "name": "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", + "description": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", + "displayName": "Get Avaliable Upgrades for HDInsight on AKS Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/availableupgrades/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Read HDInsight on AKS Cluster Libaries", - "displayName": "Read HDInsight on AKS Cluster Libraries", - "name": "Microsoft.HDInsight/clusterPools/clusters/libraries/read", + "description": "Upgrade HDInsight on AKS Cluster Pool", + "displayName": "Upgrade HDInsight on AKS Cluster Pool", + "name": "Microsoft.HDInsight/clusterPools/upgrade/action", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, { - "description": "Manage HDInsight on AKS Cluster Libaries", - "displayName": "Manage HDInsight on AKS Cluster Libraries", - "name": "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", + "description": "Read HDInsight on AKS Cluster Pool Upgrade Histories", + "displayName": "Read HDInsight on AKS Cluster Pool Upgrade Histories", + "name": "Microsoft.HDInsight/clusterPools/upgradehistories/read", "providerDisplayName": "Microsoft.HDInsight", "providerName": "Microsoft.HDInsight" }, @@ -961946,6 +964163,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -961967,13 +964191,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Creates or updates an deployment.", "displayName": "Create Deployment", @@ -961988,6 +964205,13 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets or lists deployment operations.", "displayName": "Get Deployment Operation", @@ -962087,25 +964311,20 @@ "Microsoft.Authorization/*/read", "Microsoft.HDInsight/clusterPools/clusters/read", "Microsoft.HDInsight/clusterPools/clusters/write", - "Microsoft.HDInsight/clusterPools/clusters/delete", - "Microsoft.HDInsight/clusterPools/clusters/resize/action", - "Microsoft.HDInsight/clusterpools/clusters/instanceviews/read", - "Microsoft.HDInsight/clusterPools/clusters/jobs/read", - "Microsoft.HDInsight/clusterPools/clusters/runjob/action", - "Microsoft.HDInsight/clusterpools/clusters/serviceconfigs/read", - "Microsoft.HDInsight/clusterPools/clusters/availableupgrades/read", - "Microsoft.HDInsight/clusterPools/clusters/upgrade/action", - "Microsoft.HDInsight/clusterPools/clusters/rollback/action", - "Microsoft.HDInsight/clusterPools/clusters/upgradehistories/read", - "Microsoft.HDInsight/clusterPools/clusters/libraries/read", - "Microsoft.HDInsight/clusterPools/clusters/managelibraries/action", + "Microsoft.HDInsight/clusterPools/delete", + "Microsoft.HDInsight/clusterPools/read", + "Microsoft.HDInsight/clusterPools/write", + "Microsoft.HDInsight/clusterpools/availableupgrades/read", + "Microsoft.HDInsight/clusterpools/upgrade/action", + "Microsoft.HDInsight/clusterPools/upgradehistories/read", "Microsoft.ResourceHealth/availabilityStatuses/read", "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/*/read", "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/deployments/write", "Microsoft.Resources/deployments/exportTemplate/action", + "Microsoft.Resources/deployments/validate/action", "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", @@ -963125,6 +965344,418 @@ } ] }, + { + "description": "Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.", + "hasExternal": false, + "hasUnknown": false, + "name": "Desktop Virtualization Power On Contributor", + "permittedActions": [ + { + "description": "Starts the virtual machine", + "displayName": "Start Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/start/action", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Get the properties of a virtual machine", + "displayName": "Get Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Gets the detailed runtime status of the virtual machine and its resources", + "displayName": "Get Virtual Machine Instance View", + "name": "Microsoft.Compute/virtualMachines/instanceView/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Read any Azure Arc machines", + "displayName": "Read Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Operations for Azure Arc for Servers", + "displayName": "Read all Operations", + "name": "Microsoft.HybridCompute/operations/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationresults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationstatus/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Gets/Lists virtual machine instance resource", + "displayName": "Gets/Lists virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Starts virtual machine instance resource", + "displayName": "Starts virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Start/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets operations", + "displayName": "Gets/List operations resources", + "name": "Microsoft.AzureStackHCI/Operations/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Compute/virtualMachines/start/action", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/instanceView/read", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.AzureStackHCI/virtualMachineInstances/read", + "Microsoft.AzureStackHCI/virtualMachineInstances/start/action", + "Microsoft.AzureStackHCI/operations/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "This role is in preview and subject to change. Provide permission to the Azure Virtual Desktop Resource Provider to create, delete, update, start, and stop virtual machines.", "hasExternal": false, @@ -964471,39 +967102,11 @@ ] }, { - "description": "Provide permission to the Azure Virtual Desktop Resource Provider to start virtual machines.", + "description": "Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.", "hasExternal": false, "hasUnknown": false, - "name": "Desktop Virtualization Power On Contributor", + "name": "Access Review Operator Service Role", "permittedActions": [ - { - "description": "Starts the virtual machine", - "displayName": "Start Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/start/action", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Get the properties of a virtual machine", - "displayName": "Get Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Gets the detailed runtime status of the virtual machine and its resources", - "displayName": "Get Virtual Machine Instance View", - "name": "Microsoft.Compute/virtualMachines/instanceView/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, { "description": "Get information about a role assignment.", "displayName": "Get role assignment", @@ -964512,367 +967115,27 @@ "providerName": "Microsoft.Authorization" }, { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "description": "Delete a role assignment at the specified scope.", + "displayName": "Delete role assignment", + "name": "Microsoft.Authorization/roleAssignments/delete", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Read any Azure Arc machines", - "displayName": "Read Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Operations for Azure Arc for Servers", - "displayName": "Read all Operations", - "name": "Microsoft.HybridCompute/operations/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationresults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationstatus/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Gets/Lists virtual machine instance resource", - "displayName": "Gets/Lists virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Starts virtual machine instance resource", - "displayName": "Starts virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Start/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets operations", - "displayName": "Gets/List operations resources", - "name": "Microsoft.AzureStackHCI/Operations/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" + "description": "List all entities (Management Groups, Subscriptions, etc.) for the authenticated user.", + "displayName": "List Entities", + "name": "Microsoft.Management/getEntities/action", + "providerDisplayName": "Microsoft Management", + "providerName": "Microsoft.Management" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Compute/virtualMachines/start/action", - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Compute/virtualMachines/instanceView/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.AzureStackHCI/virtualMachineInstances/read", - "Microsoft.AzureStackHCI/virtualMachineInstances/start/action", - "Microsoft.AzureStackHCI/operations/read" + "Microsoft.Authorization/roleAssignments/read", + "Microsoft.Authorization/roleAssignments/delete", + "Microsoft.Management/getEntities/action" ], "condition": null, "conditionVersion": null, @@ -964997,50 +967260,6 @@ } ] }, - { - "description": "Lets you grant Access Review System app permissions to discover and revoke access as needed by the access review process.", - "hasExternal": false, - "hasUnknown": false, - "name": "Access Review Operator Service Role", - "permittedActions": [ - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Delete a role assignment at the specified scope.", - "displayName": "Delete role assignment", - "name": "Microsoft.Authorization/roleAssignments/delete", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "List all entities (Management Groups, Subscriptions, etc.) for the authenticated user.", - "displayName": "List Entities", - "name": "Microsoft.Management/getEntities/action", - "providerDisplayName": "Microsoft Management", - "providerName": "Microsoft.Management" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/roleAssignments/read", - "Microsoft.Authorization/roleAssignments/delete", - "Microsoft.Management/getEntities/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Manage identity or business verification requests. This role is in preview and subject to change.", "hasExternal": false, @@ -965240,10 +967459,10 @@ ] }, { - "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.\u00a0 Applying this role at cluster scope will give access across all namespaces.", + "description": "Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Writer", + "name": "Azure Kubernetes Fleet Manager RBAC Reader", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -965485,20 +967704,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads deployments", "displayName": "Gets/List deployments resource", @@ -965506,20 +967711,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads statefulsets", "displayName": "Gets/List statefulsets resource", @@ -965527,20 +967718,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes statefulsets", - "displayName": "Creates/Updates statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes statefulsets", - "displayName": "Deletes/DeletesCollection statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads horizontalpodautoscalers", "displayName": "Gets/List horizontalpodautoscalers resource", @@ -965548,20 +967725,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes horizontalpodautoscalers", - "displayName": "Creates/Updates horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes horizontalpodautoscalers", - "displayName": "Deletes/DeletesCollection horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads cronjobs", "displayName": "Gets/List cronjobs resource", @@ -965569,20 +967732,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes cronjobs", - "displayName": "Creates/Updates cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes cronjobs", - "displayName": "Deletes/DeletesCollection cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads jobs", "displayName": "Gets/List jobs resource", @@ -965590,20 +967739,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes jobs", - "displayName": "Creates/Updates jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes jobs", - "displayName": "Deletes/DeletesCollection jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads configmaps", "displayName": "Gets/List configmaps resource", @@ -965611,20 +967746,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes configmaps", - "displayName": "Creates/Updates configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes configmaps", - "displayName": "Deletes/DeletesCollection configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads endpoints", "displayName": "Gets/List endpoints resource", @@ -965632,20 +967753,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes endpoints", - "displayName": "Creates/Updates endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes endpoints", - "displayName": "Deletes/DeletesCollection endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads events", "displayName": "Gets/List events resource", @@ -965667,20 +967774,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads deployments", "displayName": "Gets/List deployments resource", @@ -965688,20 +967781,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads ingresses", "displayName": "Gets/List ingresses resource", @@ -965709,20 +967788,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads networkpolicies", "displayName": "Gets/List networkpolicies resource", @@ -965730,20 +967795,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads limitranges", "displayName": "Gets/List limitranges resource", @@ -965765,20 +967816,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads networkpolicies", "displayName": "Gets/List networkpolicies resource", @@ -965786,20 +967823,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads persistentvolumeclaims", "displayName": "Gets/List persistentvolumeclaims resource", @@ -965807,20 +967830,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes persistentvolumeclaims", - "displayName": "Creates/Updates persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes persistentvolumeclaims", - "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads poddisruptionbudgets", "displayName": "Gets/List poddisruptionbudgets resource", @@ -965828,20 +967837,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes poddisruptionbudgets", - "displayName": "Creates/Updates poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes poddisruptionbudgets", - "displayName": "Deletes/DeletesCollection poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads replicationcontrollers", "displayName": "Gets/List replicationcontrollers resource", @@ -965849,20 +967844,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads replicationcontrollers", "displayName": "Gets/List replicationcontrollers resource", @@ -965870,20 +967851,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads resourcequotas", "displayName": "Gets/List resourcequotas resource", @@ -965891,27 +967858,6 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Reads secrets", - "displayName": "Gets/List secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes secrets", - "displayName": "Creates/Updates secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes secrets", - "displayName": "Deletes/DeletesCollection secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads serviceaccounts", "displayName": "Gets/List serviceaccounts resource", @@ -965919,47 +967865,12 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, - { - "description": "Writes serviceaccounts", - "displayName": "Creates/Updates serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes serviceaccounts", - "displayName": "Deletes/DeletesCollection serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate serviceaccounts", - "displayName": "Impersonate serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, { "description": "Reads services", "displayName": "Gets/List services resource", "name": "Microsoft.ContainerService/fleets/services/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes services", - "displayName": "Creates/Updates services resource", - "name": "Microsoft.ContainerService/fleets/services/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes services", - "displayName": "Deletes/DeletesCollection services resource", - "name": "Microsoft.ContainerService/fleets/services/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" } ], "rawPermissions": [ @@ -965976,32 +967887,31 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/*", - "Microsoft.ContainerService/fleets/apps/deployments/*", - "Microsoft.ContainerService/fleets/apps/statefulsets/*", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", - "Microsoft.ContainerService/fleets/batch/cronjobs/*", - "Microsoft.ContainerService/fleets/batch/jobs/*", - "Microsoft.ContainerService/fleets/configmaps/*", - "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/apps/daemonsets/read", + "Microsoft.ContainerService/fleets/apps/deployments/read", + "Microsoft.ContainerService/fleets/apps/statefulsets/read", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", + "Microsoft.ContainerService/fleets/batch/cronjobs/read", + "Microsoft.ContainerService/fleets/batch/jobs/read", + "Microsoft.ContainerService/fleets/configmaps/read", + "Microsoft.ContainerService/fleets/endpoints/read", "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/*", - "Microsoft.ContainerService/fleets/extensions/deployments/*", - "Microsoft.ContainerService/fleets/extensions/ingresses/*", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "Microsoft.ContainerService/fleets/extensions/deployments/read", + "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "Microsoft.ContainerService/fleets/limitranges/read", "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", + "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "Microsoft.ContainerService/fleets/replicationcontrollers/read", "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/secrets/*", - "Microsoft.ContainerService/fleets/serviceaccounts/*", - "Microsoft.ContainerService/fleets/services/*" + "Microsoft.ContainerService/fleets/serviceaccounts/read", + "Microsoft.ContainerService/fleets/services/read" ], "notActions": [], "notDataActions": [] @@ -966009,10 +967919,10 @@ ] }, { - "description": "Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.", + "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Admin", + "name": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -966240,6 +968150,111 @@ } ], "permittedDataActions": [ + { + "description": "Reads initializerconfigurations", + "displayName": "Gets/List initializerconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes initializerconfigurations", + "displayName": "Creates/Updates initializerconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes/DeletesCollection initializerconfigurations resource", + "displayName": "Initializerconfigurations", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads mutatingwebhookconfigurations", + "displayName": "Gets/List mutatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes mutatingwebhookconfigurations", + "displayName": "Creates/Updates mutatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes mutatingwebhookconfigurations", + "displayName": "Deletes/DeletesCollection mutatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads validatingwebhookconfigurations", + "displayName": "Gets/List validatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes validatingwebhookconfigurations", + "displayName": "Creates/Updates validatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes validatingwebhookconfigurations", + "displayName": "Deletes/DeletesCollection validatingwebhookconfigurations resource", + "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads customresourcedefinitions", + "displayName": "Gets/List customresourcedefinitions resource", + "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes customresourcedefinitions", + "displayName": "Creates/Updates customresourcedefinitions resource", + "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes customresourcedefinitions", + "displayName": "Deletes/DeletesCollection customresourcedefinitions resource", + "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Reads apiservices", + "displayName": "Gets/List apiservices resource", + "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes apiservices", + "displayName": "Creates/Updates apiservices resource", + "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes apiservices", + "displayName": "Deletes/DeletesCollection apiservices resource", + "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads controllerrevisions", "displayName": "Gets/List controllerrevisions resource", @@ -966247,6 +968262,20 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Writes controllerrevisions", + "displayName": "Creates/Updates controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Deletes controllerrevisions", + "displayName": "Deletes/DeletesCollection controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads daemonsets", "displayName": "Gets/List daemonsets resource", @@ -966310,6 +968339,13 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Writes tokenreviews", + "displayName": "Creates/Updates tokenreviews resource", + "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/tokenreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Writes localsubjectaccessreviews", "displayName": "Creates/Updates localsubjectaccessreviews resource", @@ -966317,6 +968353,27 @@ "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, + { + "description": "Writes selfsubjectaccessreviews", + "displayName": "Creates/Updates selfsubjectaccessreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectaccessreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes selfsubjectrulesreviews", + "displayName": "Creates/Updates selfsubjectrulesreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectrulesreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Writes subjectaccessreviews", + "displayName": "Creates/Updates subjectaccessreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/subjectaccessreviews/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, { "description": "Reads horizontalpodautoscalers", "displayName": "Gets/List horizontalpodautoscalers resource", @@ -966381,198 +968438,198 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads configmaps", - "displayName": "Gets/List configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/read", + "description": "Reads certificatesigningrequests", + "displayName": "Gets/List certificatesigningrequests resource", + "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes configmaps", - "displayName": "Creates/Updates configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/write", + "description": "Writes certificatesigningrequests", + "displayName": "Creates/Updates certificatesigningrequests resource", + "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes configmaps", - "displayName": "Deletes/DeletesCollection configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/delete", + "description": "Deletes certificatesigningrequests", + "displayName": "Deletes/DeletesCollection certificatesigningrequests resource", + "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads endpoints", - "displayName": "Gets/List endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/read", + "description": "Reads leases", + "displayName": "Gets/List leases resource", + "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes endpoints", - "displayName": "Creates/Updates endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/write", + "description": "Writes leases", + "displayName": "Creates/Updates leases resource", + "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes endpoints", - "displayName": "Deletes/DeletesCollection endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/delete", + "description": "Deletes leases", + "displayName": "Deletes/DeletesCollection leases resource", + "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "description": "Writes bindings", + "displayName": "Creates/Updates bindings resource", + "name": "Microsoft.ContainerService/fleets/bindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events/read", + "description": "Reads componentstatuses", + "displayName": "Gets/List componentstatuses resource", + "name": "Microsoft.ContainerService/fleets/componentstatuses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "description": "Writes componentstatuses", + "displayName": "Creates/Updates componentstatuses resource", + "name": "Microsoft.ContainerService/fleets/componentstatuses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", + "description": "Deletes componentstatuses", + "displayName": "Deletes/DeletesCollection componentstatuses resource", + "name": "Microsoft.ContainerService/fleets/componentstatuses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", + "description": "Reads configmaps", + "displayName": "Gets/List configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", + "description": "Writes configmaps", + "displayName": "Creates/Updates configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", + "description": "Deletes configmaps", + "displayName": "Deletes/DeletesCollection configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", + "description": "Reads endpoints", + "displayName": "Gets/List endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "description": "Writes endpoints", + "displayName": "Creates/Updates endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", + "description": "Deletes endpoints", + "displayName": "Deletes/DeletesCollection endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", + "description": "Writes events", + "displayName": "Creates/Updates events resource", + "name": "Microsoft.ContainerService/fleets/events/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", + "description": "Deletes events", + "displayName": "Deletes/DeletesCollection events resource", + "name": "Microsoft.ContainerService/fleets/events/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", + "description": "Reads limitranges", + "displayName": "Gets/List limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads limitranges", - "displayName": "Gets/List limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/read", + "description": "Writes limitranges", + "displayName": "Creates/Updates limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads namespaces", - "displayName": "Gets/List namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/read", + "description": "Deletes limitranges", + "displayName": "Deletes/DeletesCollection limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "description": "Reads namespaces", + "displayName": "Gets/List namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", + "description": "Writes namespaces", + "displayName": "Creates/Updates namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", + "description": "Deletes namespaces", + "displayName": "Deletes/DeletesCollection namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "description": "Reads nodes", + "displayName": "Gets/List nodes resource", + "name": "Microsoft.ContainerService/fleets/nodes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", + "description": "Writes nodes", + "displayName": "Creates/Updates nodes resource", + "name": "Microsoft.ContainerService/fleets/nodes/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", + "description": "Deletes nodes", + "displayName": "Deletes/DeletesCollection nodes resource", + "name": "Microsoft.ContainerService/fleets/nodes/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -966598,79 +968655,44 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads poddisruptionbudgets", - "displayName": "Gets/List poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes poddisruptionbudgets", - "displayName": "Creates/Updates poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes poddisruptionbudgets", - "displayName": "Deletes/DeletesCollection poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads rolebindings", - "displayName": "Gets/List rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes rolebindings", - "displayName": "Creates/Updates rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes rolebindings", - "displayName": "Deletes/DeletesCollection rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/delete", + "description": "Reads persistentvolumes", + "displayName": "Gets/List persistentvolumes resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads roles", - "displayName": "Gets/List roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/read", + "description": "Writes persistentvolumes", + "displayName": "Creates/Updates persistentvolumes resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumes/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes roles", - "displayName": "Creates/Updates roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/write", + "description": "Deletes persistentvolumes", + "displayName": "Deletes/DeletesCollection persistentvolumes resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumes/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes roles", - "displayName": "Deletes/DeletesCollection roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/delete", + "description": "Reads podtemplates", + "displayName": "Gets/List podtemplates resource", + "name": "Microsoft.ContainerService/fleets/podtemplates/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Binds roles", - "displayName": "Bind roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/bind/action", + "description": "Writes podtemplates", + "displayName": "Creates/Updates podtemplates resource", + "name": "Microsoft.ContainerService/fleets/podtemplates/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Escalates roles", - "displayName": "Escalate roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/escalate/action", + "description": "Deletes podtemplates", + "displayName": "Deletes/DeletesCollection podtemplates resource", + "name": "Microsoft.ContainerService/fleets/podtemplates/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -966696,30 +968718,23 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "description": "Reads resourcequotas", + "displayName": "Gets/List resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "description": "Writes resourcequotas", + "displayName": "Creates/Updates resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resourcequotas", - "displayName": "Gets/List resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/read", + "description": "Deletes resourcequotas", + "displayName": "Deletes/DeletesCollection resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -966792,2672 +968807,3017 @@ "name": "Microsoft.ContainerService/fleets/services/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/*", - "Microsoft.ContainerService/fleets/apps/deployments/*", - "Microsoft.ContainerService/fleets/apps/statefulsets/*", - "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", - "Microsoft.ContainerService/fleets/batch/cronjobs/*", - "Microsoft.ContainerService/fleets/batch/jobs/*", - "Microsoft.ContainerService/fleets/configmaps/*", - "Microsoft.ContainerService/fleets/endpoints/*", - "Microsoft.ContainerService/fleets/events.k8s.io/events/read", - "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/*", - "Microsoft.ContainerService/fleets/extensions/deployments/*", - "Microsoft.ContainerService/fleets/extensions/ingresses/*", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", - "Microsoft.ContainerService/fleets/limitranges/read", - "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", - "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*", - "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/replicationcontrollers/*", - "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/secrets/*", - "Microsoft.ContainerService/fleets/serviceaccounts/*", - "Microsoft.ContainerService/fleets/services/*" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager Contributor Role", - "permittedActions": [ + }, { - "description": "Get fleet", - "displayName": "Get fleet", - "name": "Microsoft.ContainerService/fleets/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet", - "displayName": "Create or Update a fleet", - "name": "Microsoft.ContainerService/fleets/write", + "description": "Writes events", + "displayName": "Creates/Updates events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet", - "displayName": "Delete a fleet", - "name": "Microsoft.ContainerService/fleets/delete", + "description": "Deletes events", + "displayName": "Deletes/DeletesCollection events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "List fleet credentials", - "displayName": "List fleet credentials", - "name": "Microsoft.ContainerService/fleets/listCredentials/action", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet member", - "displayName": "Get a fleet member", - "name": "Microsoft.ContainerService/fleets/members/read", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet member", - "displayName": "Create or Update a fleet member", - "name": "Microsoft.ContainerService/fleets/members/write", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet member", - "displayName": "Delete a fleet member", - "name": "Microsoft.ContainerService/fleets/members/delete", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet update run", - "displayName": "Get a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/read", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet update run", - "displayName": "Create or Update a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/write", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet update run", - "displayName": "Delete a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/delete", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Starts a fleet update run", - "displayName": "Starts a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/start/action", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Stops a fleet update run", - "displayName": "Stops a fleet update run", - "name": "Microsoft.ContainerService/fleets/updateRuns/stop/action", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet update strategy", - "displayName": "Get a fleet update strategy", - "name": "Microsoft.ContainerService/fleets/updateStrategies/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet update strategy", - "displayName": "Create or Update a fleet update strategy", - "name": "Microsoft.ContainerService/fleets/updateStrategies/write", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet update strategy", - "displayName": "Delete a fleet update strategy", - "name": "Microsoft.ContainerService/fleets/updateStrategies/delete", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Get a fleet auto upgrade profile", - "displayName": "Get a fleet auto upgrade profile", - "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/read", + "description": "Reads podsecuritypolicies", + "displayName": "Gets/List podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create or Update a fleet auto upgrade profile", - "displayName": "Create or Update a fleet auto upgrade profile", - "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/write", + "description": "Writes podsecuritypolicies", + "displayName": "Creates/Updates podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete a fleet auto upgrade profile", - "displayName": "Delete a fleet auto upgrade profile", - "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/delete", + "description": "Deletes podsecuritypolicies", + "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads pods", + "displayName": "Gets/List pods resource", + "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/pods/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads nodes", + "displayName": "Gets/List nodes resource", + "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/nodes/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ContainerService/fleets/*", - "Microsoft.Resources/deployments/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grants read-only access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. It does not allow viewing roles or role bindings. This role does not allow viewing Secrets, since reading the contents of Secrets enables access to ServiceAccount credentials in the namespace, which would allow API access as any ServiceAccount in the namespace (a form of privilege escalation). Applying this role at cluster scope will give access across all namespaces.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Reader", - "permittedActions": [ - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads runtimeclasses", + "displayName": "Gets/List runtimeclasses resource", + "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Writes runtimeclasses", + "displayName": "Creates/Updates runtimeclasses resource", + "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/write", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Deletes runtimeclasses", + "displayName": "Deletes/DeletesCollection runtimeclasses resource", + "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/delete", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads api", + "displayName": "Gets/List api resource", + "name": "Microsoft.ContainerService/fleets/api/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads api/v1", + "displayName": "Gets/List api/v1 resource", + "name": "Microsoft.ContainerService/fleets/api/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apis", + "displayName": "Gets/List apis resource", + "name": "Microsoft.ContainerService/fleets/apis/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads admissionregistration.k8s.io", + "displayName": "Gets/List admissionregistration.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads admissionregistration.k8s.io/v1", + "displayName": "Gets/List admissionregistration.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads admissionregistration.k8s.io/v1beta1", + "displayName": "Gets/List admissionregistration.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiextensions.k8s.io", + "displayName": "Gets/List apiextensions.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiextensions.k8s.io/v1", + "displayName": "Gets/List apiextensions.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiextensions.k8s.io/v1beta1", + "displayName": "Gets/List apiextensions.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiregistration.k8s.io", + "displayName": "Gets/List apiregistration.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiregistration.k8s.io/v1", + "displayName": "Gets/List apiregistration.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiregistration.k8s.io/v1beta1", + "displayName": "Gets/List apiregistration.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apps", + "displayName": "Gets/List apps resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apps/v1", + "displayName": "Gets/List apps/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apps/v1beta1", + "displayName": "Gets/List apps/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apps/v1beta2", + "displayName": "Gets/List apps/v1beta2 resource", + "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta2/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authentication.k8s.io", + "displayName": "Gets/List authentication.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authentication.k8s.io/v1", + "displayName": "Gets/List authentication.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authentication.k8s.io/v1beta1", + "displayName": "Gets/List authentication.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authorization.k8s.io", + "displayName": "Gets/List authorization.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authorization.k8s.io/v1", + "displayName": "Gets/List authorization.k8s.io/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads authorization.k8s.io/v1beta1", + "displayName": "Gets/List authorization.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoscaling", + "displayName": "Gets/List autoscaling resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoscaling/v1", + "displayName": "Gets/List autoscaling/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads autoscaling/v2beta1", + "displayName": "Gets/List autoscaling/v2beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads autoscaling/v2beta2", + "displayName": "Gets/List autoscaling/v2beta2 resource", + "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta2/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads batch", + "displayName": "Gets/List batch resource", + "name": "Microsoft.ContainerService/fleets/apis/batch/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get fleet", - "displayName": "Get fleet", - "name": "Microsoft.ContainerService/fleets/read", + "description": "Reads batch/v1", + "displayName": "Gets/List batch/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/batch/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "List fleet credentials", - "displayName": "List fleet credentials", - "name": "Microsoft.ContainerService/fleets/listCredentials/action", + "description": "Reads batch/v1beta1", + "displayName": "Gets/List batch/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/batch/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "permittedDataActions": [ + }, { - "description": "Reads controllerrevisions", - "displayName": "Gets/List controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "description": "Reads certificates.k8s.io", + "displayName": "Gets/List certificates.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", + "description": "Reads certificates.k8s.io/v1beta1", + "displayName": "Gets/List certificates.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/read", + "description": "Reads coordination.k8s.io", + "displayName": "Gets/List coordination.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads statefulsets", - "displayName": "Gets/List statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/read", + "description": "Reads coordination/v1", + "displayName": "Gets/List coordination/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads horizontalpodautoscalers", - "displayName": "Gets/List horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", + "description": "Reads coordination.k8s.io/v1beta1", + "displayName": "Gets/List coordination.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads cronjobs", - "displayName": "Gets/List cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/read", + "description": "Reads events.k8s.io", + "displayName": "Gets/List events.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads jobs", - "displayName": "Gets/List jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/read", + "description": "Reads events.k8s.io/v1beta1", + "displayName": "Gets/List events.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads configmaps", - "displayName": "Gets/List configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/read", + "description": "Reads extensions", + "displayName": "Gets/List extensions resource", + "name": "Microsoft.ContainerService/fleets/apis/extensions/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads endpoints", - "displayName": "Gets/List endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/read", + "description": "Reads extensions/v1beta1", + "displayName": "Gets/List extensions/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/extensions/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "description": "Reads metrics.k8s.io", + "displayName": "Gets/List metrics.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events/read", + "description": "Reads metrics.k8s.io/v1beta1", + "displayName": "Gets/List metrics.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "description": "Reads networking.k8s.io", + "displayName": "Gets/List networking.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", + "description": "Reads networking/v1", + "displayName": "Gets/List networking/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "description": "Reads networking.k8s.io/v1beta1", + "displayName": "Gets/List networking.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", + "description": "Reads node.k8s.io", + "displayName": "Gets/List node.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads limitranges", - "displayName": "Gets/List limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/read", + "description": "Reads node.k8s.io/v1beta1", + "displayName": "Gets/List node.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads namespaces", - "displayName": "Gets/List namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/read", + "description": "Reads policy", + "displayName": "Gets/List policy resource", + "name": "Microsoft.ContainerService/fleets/apis/policy/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "description": "Reads policy/v1beta1", + "displayName": "Gets/List policy/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/policy/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "description": "Reads rbac.authorization.k8s.io", + "displayName": "Gets/List rbac.authorization.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads persistentvolumeclaims", - "displayName": "Gets/List persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "description": "Reads rbac.authorization/v1", + "displayName": "Gets/List rbac.authorization/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads poddisruptionbudgets", - "displayName": "Gets/List poddisruptionbudgets resource", - "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", + "description": "Reads rbac.authorization.k8s.io/v1beta1", + "displayName": "Gets/List rbac.authorization.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Reads scheduling.k8s.io", + "displayName": "Gets/List scheduling.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Reads scheduling/v1", + "displayName": "Gets/List scheduling/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resourcequotas", - "displayName": "Gets/List resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/read", + "description": "Reads scheduling.k8s.io/v1beta1", + "displayName": "Gets/List scheduling.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1beta1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads serviceaccounts", - "displayName": "Gets/List serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", + "description": "Reads storage.k8s.io", + "displayName": "Gets/List storage.k8s.io resource", + "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads services", - "displayName": "Gets/List services resource", - "name": "Microsoft.ContainerService/fleets/services/read", + "description": "Reads storage/v1", + "displayName": "Gets/List storage/v1 resource", + "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", - "Microsoft.ContainerService/fleets/apps/daemonsets/read", - "Microsoft.ContainerService/fleets/apps/deployments/read", - "Microsoft.ContainerService/fleets/apps/statefulsets/read", - "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", - "Microsoft.ContainerService/fleets/batch/cronjobs/read", - "Microsoft.ContainerService/fleets/batch/jobs/read", - "Microsoft.ContainerService/fleets/configmaps/read", - "Microsoft.ContainerService/fleets/endpoints/read", - "Microsoft.ContainerService/fleets/events.k8s.io/events/read", - "Microsoft.ContainerService/fleets/events/read", - "Microsoft.ContainerService/fleets/extensions/daemonsets/read", - "Microsoft.ContainerService/fleets/extensions/deployments/read", - "Microsoft.ContainerService/fleets/extensions/ingresses/read", - "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", - "Microsoft.ContainerService/fleets/limitranges/read", - "Microsoft.ContainerService/fleets/namespaces/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", - "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", - "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", - "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", - "Microsoft.ContainerService/fleets/replicationcontrollers/read", - "Microsoft.ContainerService/fleets/replicationcontrollers/read", - "Microsoft.ContainerService/fleets/resourcequotas/read", - "Microsoft.ContainerService/fleets/serviceaccounts/read", - "Microsoft.ContainerService/fleets/services/read" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grants read/write access to all Kubernetes resources in the fleet-managed hub cluster.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Fleet Manager RBAC Cluster Admin", - "permittedActions": [ + }, { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads storage.k8s.io/v1beta1", + "displayName": "Gets/List storage.k8s.io/v1beta1 resource", + "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1beta1/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads healthz", + "displayName": "Gets/List healthz resource", + "name": "Microsoft.ContainerService/fleets/healthz/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoregister-completion", + "displayName": "Gets/List autoregister-completion resource", + "name": "Microsoft.ContainerService/fleets/healthz/autoregister-completion/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads etcd", + "displayName": "Gets/List etcd resource", + "name": "Microsoft.ContainerService/fleets/healthz/etcd/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads log", + "displayName": "Gets/List log resource", + "name": "Microsoft.ContainerService/fleets/healthz/log/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads ping", + "displayName": "Gets/List ping resource", + "name": "Microsoft.ContainerService/fleets/healthz/ping/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiservice-openapi-controller", + "displayName": "Gets/List apiservice-openapi-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-openapi-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiservice-registration-controller", + "displayName": "Gets/List apiservice-registration-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-registration-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads apiservice-status-available-controller", + "displayName": "Gets/List apiservice-status-available-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-status-available-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads bootstrap-controller", + "displayName": "Gets/List bootstrap-controller resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/bootstrap-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads ca-registration", + "displayName": "Gets/List ca-registration resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/ca-registration/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads crd-informer-synced", + "displayName": "Gets/List crd-informer-synced resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/crd-informer-synced/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads generic-apiserver-start-informers", + "displayName": "Gets/List generic-apiserver-start-informers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/generic-apiserver-start-informers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads kube-apiserver-autoregistration", + "displayName": "Gets/List kube-apiserver-autoregistration resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/kube-apiserver-autoregistration/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads bootstrap-roles", + "displayName": "Gets/List bootstrap-roles resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/rbac/bootstrap-roles/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads bootstrap-system-priority-classes", + "displayName": "Gets/List bootstrap-system-priority-classes resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads start-apiextensions-controllers", + "displayName": "Gets/List start-apiextensions-controllers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-controllers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads start-apiextensions-informers", + "displayName": "Gets/List start-apiextensions-informers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-informers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads start-kube-aggregator-informers", + "displayName": "Gets/List start-kube-aggregator-informers resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-aggregator-informers/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads start-kube-apiserver-admission-initializer", + "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", + "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-apiserver-admission-initializer/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads livez", + "displayName": "Gets/List livez resource", + "name": "Microsoft.ContainerService/fleets/livez/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads autoregister-completion", + "displayName": "Gets/List autoregister-completion resource", + "name": "Microsoft.ContainerService/fleets/livez/autoregister-completion/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads etcd", + "displayName": "Gets/List etcd resource", + "name": "Microsoft.ContainerService/fleets/livez/etcd/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reads log", + "displayName": "Gets/List log resource", + "name": "Microsoft.ContainerService/fleets/livez/log/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads ping", + "displayName": "Gets/List ping resource", + "name": "Microsoft.ContainerService/fleets/livez/ping/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads apiservice-openapi-controller", + "displayName": "Gets/List apiservice-openapi-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-openapi-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Reads apiservice-registration-controller", + "displayName": "Gets/List apiservice-registration-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-registration-controller/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" }, { - "description": "Get fleet", - "displayName": "Get fleet", - "name": "Microsoft.ContainerService/fleets/read", + "description": "Reads apiservice-status-available-controller", + "displayName": "Gets/List apiservice-status-available-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-status-available-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "List fleet credentials", - "displayName": "List fleet credentials", - "name": "Microsoft.ContainerService/fleets/listCredentials/action", + "description": "Reads bootstrap-controller", + "displayName": "Gets/List bootstrap-controller resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/bootstrap-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - } - ], - "permittedDataActions": [ + }, { - "description": "Reads initializerconfigurations", - "displayName": "Gets/List initializerconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/read", + "description": "Reads ca-registration", + "displayName": "Gets/List ca-registration resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/ca-registration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes initializerconfigurations", - "displayName": "Creates/Updates initializerconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/write", + "description": "Reads crd-informer-synced", + "displayName": "Gets/List crd-informer-synced resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/crd-informer-synced/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes/DeletesCollection initializerconfigurations resource", - "displayName": "Initializerconfigurations", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/initializerconfigurations/delete", + "description": "Reads generic-apiserver-start-informers", + "displayName": "Gets/List generic-apiserver-start-informers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/generic-apiserver-start-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads mutatingwebhookconfigurations", - "displayName": "Gets/List mutatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/read", + "description": "Reads kube-apiserver-autoregistration", + "displayName": "Gets/List kube-apiserver-autoregistration resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/kube-apiserver-autoregistration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes mutatingwebhookconfigurations", - "displayName": "Creates/Updates mutatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/write", + "description": "Reads bootstrap-roles", + "displayName": "Gets/List bootstrap-roles resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/rbac/bootstrap-roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes mutatingwebhookconfigurations", - "displayName": "Deletes/DeletesCollection mutatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/mutatingwebhookconfigurations/delete", + "description": "Reads bootstrap-system-priority-classes", + "displayName": "Gets/List bootstrap-system-priority-classes resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/scheduling/bootstrap-system-priority-classes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads validatingwebhookconfigurations", - "displayName": "Gets/List validatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/read", + "description": "Reads start-apiextensions-controllers", + "displayName": "Gets/List start-apiextensions-controllers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-controllers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes validatingwebhookconfigurations", - "displayName": "Creates/Updates validatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/write", + "description": "Reads start-apiextensions-informers", + "displayName": "Gets/List start-apiextensions-informers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes validatingwebhookconfigurations", - "displayName": "Deletes/DeletesCollection validatingwebhookconfigurations resource", - "name": "Microsoft.ContainerService/fleets/admissionregistration.k8s.io/validatingwebhookconfigurations/delete", + "description": "Reads start-kube-aggregator-informers", + "displayName": "Gets/List start-kube-aggregator-informers resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-aggregator-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads customresourcedefinitions", - "displayName": "Gets/List customresourcedefinitions resource", - "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/read", + "description": "Reads start-kube-apiserver-admission-initializer", + "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", + "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-apiserver-admission-initializer/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes customresourcedefinitions", - "displayName": "Creates/Updates customresourcedefinitions resource", - "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/write", + "description": "Reads logs", + "displayName": "Gets/List logs resource", + "name": "Microsoft.ContainerService/fleets/logs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes customresourcedefinitions", - "displayName": "Deletes/DeletesCollection customresourcedefinitions resource", - "name": "Microsoft.ContainerService/fleets/apiextensions.k8s.io/customresourcedefinitions/delete", + "description": "Reads metrics", + "displayName": "Gets/List metrics resource", + "name": "Microsoft.ContainerService/fleets/metrics/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservices", - "displayName": "Gets/List apiservices resource", - "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/read", + "description": "Reads v2", + "displayName": "Gets/List v2 resource", + "name": "Microsoft.ContainerService/fleets/openapi/v2/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes apiservices", - "displayName": "Creates/Updates apiservices resource", - "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/write", + "description": "Reads readyz", + "displayName": "Gets/List readyz resource", + "name": "Microsoft.ContainerService/fleets/readyz/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes apiservices", - "displayName": "Deletes/DeletesCollection apiservices resource", - "name": "Microsoft.ContainerService/fleets/apiregistration.k8s.io/apiservices/delete", + "description": "Reads autoregister-completion", + "displayName": "Gets/List autoregister-completion resource", + "name": "Microsoft.ContainerService/fleets/readyz/autoregister-completion/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads controllerrevisions", - "displayName": "Gets/List controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "description": "Reads etcd", + "displayName": "Gets/List etcd resource", + "name": "Microsoft.ContainerService/fleets/readyz/etcd/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes controllerrevisions", - "displayName": "Creates/Updates controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/write", + "description": "Reads log", + "displayName": "Gets/List log resource", + "name": "Microsoft.ContainerService/fleets/readyz/log/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes controllerrevisions", - "displayName": "Deletes/DeletesCollection controllerrevisions resource", - "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/delete", + "description": "Reads ping", + "displayName": "Gets/List ping resource", + "name": "Microsoft.ContainerService/fleets/readyz/ping/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", + "description": "Reads apiservice-openapi-controller", + "displayName": "Gets/List apiservice-openapi-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-openapi-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", + "description": "Reads apiservice-registration-controller", + "displayName": "Gets/List apiservice-registration-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-registration-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", + "description": "Reads apiservice-status-available-controller", + "displayName": "Gets/List apiservice-status-available-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-status-available-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/read", + "description": "Reads bootstrap-controller", + "displayName": "Gets/List bootstrap-controller resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/bootstrap-controller/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/write", + "description": "Reads ca-registration", + "displayName": "Gets/List ca-registration resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/ca-registration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", + "description": "Reads crd-informer-synced", + "displayName": "Gets/List crd-informer-synced resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/crd-informer-synced/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads statefulsets", - "displayName": "Gets/List statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/read", + "description": "Reads generic-apiserver-start-informers", + "displayName": "Gets/List generic-apiserver-start-informers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/generic-apiserver-start-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes statefulsets", - "displayName": "Creates/Updates statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/write", + "description": "Reads kube-apiserver-autoregistration", + "displayName": "Gets/List kube-apiserver-autoregistration resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/kube-apiserver-autoregistration/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes statefulsets", - "displayName": "Deletes/DeletesCollection statefulsets resource", - "name": "Microsoft.ContainerService/fleets/apps/statefulsets/delete", + "description": "Reads bootstrap-roles", + "displayName": "Gets/List bootstrap-roles resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/rbac/bootstrap-roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes tokenreviews", - "displayName": "Creates/Updates tokenreviews resource", - "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/tokenreviews/write", + "description": "Reads bootstrap-system-priority-classes", + "displayName": "Gets/List bootstrap-system-priority-classes resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/scheduling/bootstrap-system-priority-classes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes localsubjectaccessreviews", - "displayName": "Creates/Updates localsubjectaccessreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", + "description": "Reads start-apiextensions-controllers", + "displayName": "Gets/List start-apiextensions-controllers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-controllers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes selfsubjectaccessreviews", - "displayName": "Creates/Updates selfsubjectaccessreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectaccessreviews/write", + "description": "Reads start-apiextensions-informers", + "displayName": "Gets/List start-apiextensions-informers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes selfsubjectrulesreviews", - "displayName": "Creates/Updates selfsubjectrulesreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/selfsubjectrulesreviews/write", + "description": "Reads start-kube-aggregator-informers", + "displayName": "Gets/List start-kube-aggregator-informers resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-aggregator-informers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes subjectaccessreviews", - "displayName": "Creates/Updates subjectaccessreviews resource", - "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/subjectaccessreviews/write", + "description": "Reads start-kube-apiserver-admission-initializer", + "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", + "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-apiserver-admission-initializer/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads horizontalpodautoscalers", - "displayName": "Gets/List horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", + "description": "Reads shutdown", + "displayName": "Gets/List shutdown resource", + "name": "Microsoft.ContainerService/fleets/readyz/shutdown/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes horizontalpodautoscalers", - "displayName": "Creates/Updates horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write", + "description": "Reads resetMetrics", + "displayName": "Gets/List resetMetrics resource", + "name": "Microsoft.ContainerService/fleets/resetMetrics/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes horizontalpodautoscalers", - "displayName": "Deletes/DeletesCollection horizontalpodautoscalers resource", - "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/delete", + "description": "Reads swagger-ui", + "displayName": "Gets/List swagger-ui resource", + "name": "Microsoft.ContainerService/fleets/swagger-ui/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads cronjobs", - "displayName": "Gets/List cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/read", + "description": "Reads swagger-api", + "displayName": "Gets/List swagger-api resource", + "name": "Microsoft.ContainerService/fleets/swagger-api/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes cronjobs", - "displayName": "Creates/Updates cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/write", + "description": "Reads ui", + "displayName": "Gets/List ui resource", + "name": "Microsoft.ContainerService/fleets/ui/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes cronjobs", - "displayName": "Deletes/DeletesCollection cronjobs resource", - "name": "Microsoft.ContainerService/fleets/batch/cronjobs/delete", + "description": "Reads version", + "displayName": "Gets/List version resource", + "name": "Microsoft.ContainerService/fleets/version/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads jobs", - "displayName": "Gets/List jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/read", + "description": "Reads poddisruptionbudgets", + "displayName": "Gets/List poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes jobs", - "displayName": "Creates/Updates jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/write", + "description": "Writes poddisruptionbudgets", + "displayName": "Creates/Updates poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes jobs", - "displayName": "Deletes/DeletesCollection jobs resource", - "name": "Microsoft.ContainerService/fleets/batch/jobs/delete", + "description": "Deletes poddisruptionbudgets", + "displayName": "Deletes/DeletesCollection poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads certificatesigningrequests", - "displayName": "Gets/List certificatesigningrequests resource", - "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/read", + "description": "Reads podsecuritypolicies", + "displayName": "Gets/List podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes certificatesigningrequests", - "displayName": "Creates/Updates certificatesigningrequests resource", - "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/write", + "description": "Writes podsecuritypolicies", + "displayName": "Creates/Updates podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes certificatesigningrequests", - "displayName": "Deletes/DeletesCollection certificatesigningrequests resource", - "name": "Microsoft.ContainerService/fleets/certificates.k8s.io/certificatesigningrequests/delete", + "description": "Deletes podsecuritypolicies", + "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads leases", - "displayName": "Gets/List leases resource", - "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/read", + "description": "Use action on podsecuritypolicies", + "displayName": "Use podsecuritypolicies resource", + "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/use/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes leases", - "displayName": "Creates/Updates leases resource", - "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/write", + "description": "Reads clusterrolebindings", + "displayName": "Gets/List clusterrolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes leases", - "displayName": "Deletes/DeletesCollection leases resource", - "name": "Microsoft.ContainerService/fleets/coordination.k8s.io/leases/delete", + "description": "Writes clusterrolebindings", + "displayName": "Creates/Updates clusterrolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes bindings", - "displayName": "Creates/Updates bindings resource", - "name": "Microsoft.ContainerService/fleets/bindings/write", + "description": "Deletes clusterrolebindings", + "displayName": "Deletes/DeletesCollection clusterrolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads componentstatuses", - "displayName": "Gets/List componentstatuses resource", - "name": "Microsoft.ContainerService/fleets/componentstatuses/read", + "description": "Reads clusterroles", + "displayName": "Gets/List clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes componentstatuses", - "displayName": "Creates/Updates componentstatuses resource", - "name": "Microsoft.ContainerService/fleets/componentstatuses/write", + "description": "Writes clusterroles", + "displayName": "Creates/Updates clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes componentstatuses", - "displayName": "Deletes/DeletesCollection componentstatuses resource", - "name": "Microsoft.ContainerService/fleets/componentstatuses/delete", + "description": "Deletes clusterroles", + "displayName": "Deletes/DeletesCollection clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads configmaps", - "displayName": "Gets/List configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/read", + "description": "Binds clusterroles", + "displayName": "Bind clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/bind/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes configmaps", - "displayName": "Creates/Updates configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/write", + "description": "Escalates", + "displayName": "Escalate clusterroles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/escalate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes configmaps", - "displayName": "Deletes/DeletesCollection configmaps resource", - "name": "Microsoft.ContainerService/fleets/configmaps/delete", + "description": "Reads rolebindings", + "displayName": "Gets/List rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads endpoints", - "displayName": "Gets/List endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/read", + "description": "Writes rolebindings", + "displayName": "Creates/Updates rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes endpoints", - "displayName": "Creates/Updates endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/write", + "description": "Deletes rolebindings", + "displayName": "Deletes/DeletesCollection rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes endpoints", - "displayName": "Deletes/DeletesCollection endpoints resource", - "name": "Microsoft.ContainerService/fleets/endpoints/delete", + "description": "Reads roles", + "displayName": "Gets/List roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events/read", + "description": "Writes roles", + "displayName": "Creates/Updates roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes events", - "displayName": "Creates/Updates events resource", - "name": "Microsoft.ContainerService/fleets/events/write", + "description": "Deletes roles", + "displayName": "Deletes/DeletesCollection roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes events", - "displayName": "Deletes/DeletesCollection events resource", - "name": "Microsoft.ContainerService/fleets/events/delete", + "description": "Binds roles", + "displayName": "Bind roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/bind/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads limitranges", - "displayName": "Gets/List limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/read", + "description": "Escalates roles", + "displayName": "Escalate roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/escalate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes limitranges", - "displayName": "Creates/Updates limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/write", + "description": "Reads priorityclasses", + "displayName": "Gets/List priorityclasses resource", + "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes limitranges", - "displayName": "Deletes/DeletesCollection limitranges resource", - "name": "Microsoft.ContainerService/fleets/limitranges/delete", + "description": "Writes priorityclasses", + "displayName": "Creates/Updates priorityclasses resource", + "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads namespaces", - "displayName": "Gets/List namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/read", + "description": "Deletes priorityclasses", + "displayName": "Deletes/DeletesCollection priorityclasses resource", + "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes namespaces", - "displayName": "Creates/Updates namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/write", + "description": "Impersonate users", + "displayName": "Impersonate users resource", + "name": "Microsoft.ContainerService/fleets/users/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes namespaces", - "displayName": "Deletes/DeletesCollection namespaces resource", - "name": "Microsoft.ContainerService/fleets/namespaces/delete", + "description": "Impersonate groups", + "displayName": "Impersonate groups resource", + "name": "Microsoft.ContainerService/fleets/groups/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads nodes", - "displayName": "Gets/List nodes resource", - "name": "Microsoft.ContainerService/fleets/nodes/read", + "description": "Impersonate userextras", + "displayName": "Impersonate userextras resource", + "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/userextras/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes nodes", - "displayName": "Creates/Updates nodes resource", - "name": "Microsoft.ContainerService/fleets/nodes/write", + "description": "Reads storageclasses", + "displayName": "Gets/List storageclasses resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes nodes", - "displayName": "Deletes/DeletesCollection nodes resource", - "name": "Microsoft.ContainerService/fleets/nodes/delete", + "description": "Writes storageclasses", + "displayName": "Creates/Updates storageclasses resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads persistentvolumeclaims", - "displayName": "Gets/List persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", + "description": "Deletes storageclasses", + "displayName": "Deletes/DeletesCollection storageclasses resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes persistentvolumeclaims", - "displayName": "Creates/Updates persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", + "description": "Reads volumeattachments", + "displayName": "Gets/List volumeattachments resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes persistentvolumeclaims", - "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", + "description": "Writes volumeattachments", + "displayName": "Creates/Updates volumeattachments resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads persistentvolumes", - "displayName": "Gets/List persistentvolumes resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumes/read", + "description": "Deletes volumeattachments", + "displayName": "Deletes/DeletesCollection volumeattachments resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes persistentvolumes", - "displayName": "Creates/Updates persistentvolumes resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumes/write", + "description": "Reads csidrivers", + "displayName": "Gets/List csidrivers resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes persistentvolumes", - "displayName": "Deletes/DeletesCollection persistentvolumes resource", - "name": "Microsoft.ContainerService/fleets/persistentvolumes/delete", + "description": "Writes csidrivers", + "displayName": "Creates/Updates csidrivers resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads podtemplates", - "displayName": "Gets/List podtemplates resource", - "name": "Microsoft.ContainerService/fleets/podtemplates/read", + "description": "Deletes csidrivers", + "displayName": "Deletes/DeletesCollection csidrivers resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes podtemplates", - "displayName": "Creates/Updates podtemplates resource", - "name": "Microsoft.ContainerService/fleets/podtemplates/write", + "description": "Reads csinodes", + "displayName": "Gets/List csinodes resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes podtemplates", - "displayName": "Deletes/DeletesCollection podtemplates resource", - "name": "Microsoft.ContainerService/fleets/podtemplates/delete", + "description": "Writes csinodes", + "displayName": "Creates/Updates csinodes resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads replicationcontrollers", - "displayName": "Gets/List replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", + "description": "Deletes csinodes", + "displayName": "Deletes/DeletesCollection csinodes resource", + "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes replicationcontrollers", - "displayName": "Creates/Updates replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", + "description": "Read fleet membercluster resource", + "displayName": "Get/List fleet membercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes replicationcontrollers", - "displayName": "Deletes/DeletesCollection replicationcontrollers resource", - "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", + "description": "Write fleet membercluster resource", + "displayName": "Create/Update fleet membercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resourcequotas", - "displayName": "Gets/List resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/read", + "description": "Delete fleet membercluster resource", + "displayName": "Delete fleet membercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes resourcequotas", - "displayName": "Creates/Updates resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/write", + "description": "Read fleet internalmembercluster resource", + "displayName": "Get/List fleet internalmembercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes resourcequotas", - "displayName": "Deletes/DeletesCollection resourcequotas resource", - "name": "Microsoft.ContainerService/fleets/resourcequotas/delete", + "description": "Write fleet internalmembercluster resource", + "displayName": "Create/Update fleet internalmembercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads secrets", - "displayName": "Gets/List secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/read", + "description": "Delete fleet internalmembercluster resource", + "displayName": "Delete fleet internalmembercluster resource", + "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes secrets", - "displayName": "Creates/Updates secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/write", + "description": "Read fleet clusterresourceplacement resource", + "displayName": "Gets/List fleet clusterresourceplacement resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes secrets", - "displayName": "Deletes/DeletesCollection secrets resource", - "name": "Microsoft.ContainerService/fleets/secrets/delete", + "description": "Write fleet clusterresourceplacement resource", + "displayName": "Create/Update fleet clusterresourceplacement resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads serviceaccounts", - "displayName": "Gets/List serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", + "description": "Delete fleet clusterresourceplacement resource", + "displayName": "Delete fleet clusterresourceplacement resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes serviceaccounts", - "displayName": "Creates/Updates serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", + "description": "Read fleet clusterresourcebinding resource", + "displayName": "Gets/List fleet clusterresourcebinding resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes serviceaccounts", - "displayName": "Deletes/DeletesCollection serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", + "description": "Create/Update fleet clusterresourcebinding resource", + "displayName": "Create/Update fleet clusterresourcebinding resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Impersonate serviceaccounts", - "displayName": "Impersonate serviceaccounts resource", - "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", + "description": "Delete fleet clusterresourcebinding resource", + "displayName": "Delete fleet clusterresourcebinding resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads services", - "displayName": "Gets/List services resource", - "name": "Microsoft.ContainerService/fleets/services/read", + "description": "Read fleet clusterresourcesnapshot resource", + "displayName": "Gets/List fleet clusterresourcesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes services", - "displayName": "Creates/Updates services resource", - "name": "Microsoft.ContainerService/fleets/services/write", + "description": "Write fleet clusterresourcesnapshot resource", + "displayName": "Create/Update fleet clusterresourcesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes services", - "displayName": "Deletes/DeletesCollection services resource", - "name": "Microsoft.ContainerService/fleets/services/delete", + "description": "Delete fleet clusterresourcesnapshot resource", + "displayName": "Delete fleet clusterresourcesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events", - "displayName": "Gets/List events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "description": "Read fleet clusterschedulingpolicysnapshot resource", + "displayName": "Gets/List fleet clusterschedulingpolicysnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes events", - "displayName": "Creates/Updates events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/write", + "description": "Write fleet clusterschedulingpolicysnapshot resource", + "displayName": "Create/Update fleet clusterschedulingpolicysnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes events", - "displayName": "Deletes/DeletesCollection events resource", - "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/delete", + "description": "Delete fleet clusterschedulingpolicysnapshot resource", + "displayName": "Delete fleet clusterschedulingpolicysnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads daemonsets", - "displayName": "Gets/List daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", + "description": "Read fleet clusterresourceoverride resource", + "displayName": "Gets/List fleet clusterresourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes daemonsets", - "displayName": "Creates/Updates daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", + "description": "Write fleet clusterresourceoverride resource", + "displayName": "Create/Update fleet clusterresourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes daemonsets", - "displayName": "Deletes/DeletesCollection daemonsets resource", - "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", + "description": "Delete fleet clusterresourceoverride resource", + "displayName": "Delete fleet clusterresourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads deployments", - "displayName": "Gets/List deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", + "description": "Read fleet clusterresourceoverridesnapshot resource", + "displayName": "Gets/List fleet clusterresourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes deployments", - "displayName": "Creates/Updates deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", + "description": "Write fleet clusterresourceoverridesnapshot resource", + "displayName": "Create/Update fleet clusterresourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes deployments", - "displayName": "Deletes/DeletesCollection deployments resource", - "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", + "description": "Delete fleet clusterresourceoverridesnapshot resource", + "displayName": "Delete fleet clusterresourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", + "description": "Read fleet resourceoverride resource", + "displayName": "Gets/List fleet resourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", + "description": "Write fleet resourceoverride resource", + "displayName": "Create/Update fleet resourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", + "description": "Delete fleet resourceoverride resource", + "displayName": "Delete fleet resourceoverride resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", + "description": "Read fleet resourceoverridesnapshot resource", + "displayName": "Gets/List fleet resourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", + "description": "Write fleet resourceoverridesnapshot resource", + "displayName": "Create/Update fleet resourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", + "description": "Delete fleet resourceoverridesnapshot resource", + "displayName": "Delete fleet resourceoverridesnapshot resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads podsecuritypolicies", - "displayName": "Gets/List podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/read", + "description": "Read fleet work resource", + "displayName": "Gets/List fleet work resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes podsecuritypolicies", - "displayName": "Creates/Updates podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/write", + "description": "Write fleet work resource", + "displayName": "Create/Update fleet work resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes podsecuritypolicies", - "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/extensions/podsecuritypolicies/delete", + "description": "Delete fleet work resource", + "displayName": "Delete fleet work resource", + "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" + } + ], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/*" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants read/write access to Kubernetes resources within a namespace in the fleet-managed hub cluster - provides write permissions on most objects within a a namespace, with the exception of ResourceQuota object and the namespace object itself. Applying this role at cluster scope will give access across all namespaces.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Fleet Manager RBAC Admin", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads pods", - "displayName": "Gets/List pods resource", - "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/pods/read", + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get fleet", + "displayName": "Get fleet", + "name": "Microsoft.ContainerService/fleets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads nodes", - "displayName": "Gets/List nodes resource", - "name": "Microsoft.ContainerService/fleets/metrics.k8s.io/nodes/read", + "description": "List fleet credentials", + "displayName": "List fleet credentials", + "name": "Microsoft.ContainerService/fleets/listCredentials/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, + } + ], + "permittedDataActions": [ { - "description": "Reads networkpolicies", - "displayName": "Gets/List networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", + "description": "Reads controllerrevisions", + "displayName": "Gets/List controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes networkpolicies", - "displayName": "Creates/Updates networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes networkpolicies", - "displayName": "Deletes/DeletesCollection networkpolicies resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ingresses", - "displayName": "Gets/List ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes ingresses", - "displayName": "Creates/Updates ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes ingresses", - "displayName": "Deletes/DeletesCollection ingresses resource", - "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads runtimeclasses", - "displayName": "Gets/List runtimeclasses resource", - "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/read", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes runtimeclasses", - "displayName": "Creates/Updates runtimeclasses resource", - "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/write", + "description": "Reads statefulsets", + "displayName": "Gets/List statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes runtimeclasses", - "displayName": "Deletes/DeletesCollection runtimeclasses resource", - "name": "Microsoft.ContainerService/fleets/node.k8s.io/runtimeclasses/delete", + "description": "Writes statefulsets", + "displayName": "Creates/Updates statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads api", - "displayName": "Gets/List api resource", - "name": "Microsoft.ContainerService/fleets/api/read", + "description": "Deletes statefulsets", + "displayName": "Deletes/DeletesCollection statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads api/v1", - "displayName": "Gets/List api/v1 resource", - "name": "Microsoft.ContainerService/fleets/api/v1/read", + "description": "Writes localsubjectaccessreviews", + "displayName": "Creates/Updates localsubjectaccessreviews resource", + "name": "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apis", - "displayName": "Gets/List apis resource", - "name": "Microsoft.ContainerService/fleets/apis/read", + "description": "Reads horizontalpodautoscalers", + "displayName": "Gets/List horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads admissionregistration.k8s.io", - "displayName": "Gets/List admissionregistration.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/read", + "description": "Writes horizontalpodautoscalers", + "displayName": "Creates/Updates horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads admissionregistration.k8s.io/v1", - "displayName": "Gets/List admissionregistration.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1/read", + "description": "Deletes horizontalpodautoscalers", + "displayName": "Deletes/DeletesCollection horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads admissionregistration.k8s.io/v1beta1", - "displayName": "Gets/List admissionregistration.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/admissionregistration.k8s.io/v1beta1/read", + "description": "Reads cronjobs", + "displayName": "Gets/List cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiextensions.k8s.io", - "displayName": "Gets/List apiextensions.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/read", + "description": "Writes cronjobs", + "displayName": "Creates/Updates cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiextensions.k8s.io/v1", - "displayName": "Gets/List apiextensions.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1/read", + "description": "Deletes cronjobs", + "displayName": "Deletes/DeletesCollection cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiextensions.k8s.io/v1beta1", - "displayName": "Gets/List apiextensions.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiextensions.k8s.io/v1beta1/read", + "description": "Reads jobs", + "displayName": "Gets/List jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiregistration.k8s.io", - "displayName": "Gets/List apiregistration.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/read", + "description": "Writes jobs", + "displayName": "Creates/Updates jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiregistration.k8s.io/v1", - "displayName": "Gets/List apiregistration.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1/read", + "description": "Deletes jobs", + "displayName": "Deletes/DeletesCollection jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiregistration.k8s.io/v1beta1", - "displayName": "Gets/List apiregistration.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apiregistration.k8s.io/v1beta1/read", + "description": "Reads configmaps", + "displayName": "Gets/List configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps", - "displayName": "Gets/List apps resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/read", + "description": "Writes configmaps", + "displayName": "Creates/Updates configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps/v1", - "displayName": "Gets/List apps/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/v1/read", + "description": "Deletes configmaps", + "displayName": "Deletes/DeletesCollection configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps/v1beta1", - "displayName": "Gets/List apps/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta1/read", + "description": "Reads endpoints", + "displayName": "Gets/List endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apps/v1beta2", - "displayName": "Gets/List apps/v1beta2 resource", - "name": "Microsoft.ContainerService/fleets/apis/apps/v1beta2/read", + "description": "Writes endpoints", + "displayName": "Creates/Updates endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authentication.k8s.io", - "displayName": "Gets/List authentication.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/read", + "description": "Deletes endpoints", + "displayName": "Deletes/DeletesCollection endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authentication.k8s.io/v1", - "displayName": "Gets/List authentication.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authentication.k8s.io/v1beta1", - "displayName": "Gets/List authentication.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authentication.k8s.io/v1beta1/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authorization.k8s.io", - "displayName": "Gets/List authorization.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/read", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authorization.k8s.io/v1", - "displayName": "Gets/List authorization.k8s.io/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1/read", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads authorization.k8s.io/v1beta1", - "displayName": "Gets/List authorization.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/authorization.k8s.io/v1beta1/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling", - "displayName": "Gets/List autoscaling resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/read", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling/v1", - "displayName": "Gets/List autoscaling/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v1/read", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling/v2beta1", - "displayName": "Gets/List autoscaling/v2beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta1/read", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoscaling/v2beta2", - "displayName": "Gets/List autoscaling/v2beta2 resource", - "name": "Microsoft.ContainerService/fleets/apis/autoscaling/v2beta2/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads batch", - "displayName": "Gets/List batch resource", - "name": "Microsoft.ContainerService/fleets/apis/batch/read", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads batch/v1", - "displayName": "Gets/List batch/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/batch/v1/read", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads batch/v1beta1", - "displayName": "Gets/List batch/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/batch/v1beta1/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads certificates.k8s.io", - "displayName": "Gets/List certificates.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads certificates.k8s.io/v1beta1", - "displayName": "Gets/List certificates.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/certificates.k8s.io/v1beta1/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads coordination.k8s.io", - "displayName": "Gets/List coordination.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/read", + "description": "Reads limitranges", + "displayName": "Gets/List limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads coordination/v1", - "displayName": "Gets/List coordination/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1/read", + "description": "Reads namespaces", + "displayName": "Gets/List namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads coordination.k8s.io/v1beta1", - "displayName": "Gets/List coordination.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/coordination.k8s.io/v1beta1/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events.k8s.io", - "displayName": "Gets/List events.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/read", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads events.k8s.io/v1beta1", - "displayName": "Gets/List events.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/events.k8s.io/v1beta1/read", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads extensions", - "displayName": "Gets/List extensions resource", - "name": "Microsoft.ContainerService/fleets/apis/extensions/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads extensions/v1beta1", - "displayName": "Gets/List extensions/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/extensions/v1beta1/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads metrics.k8s.io", - "displayName": "Gets/List metrics.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads metrics.k8s.io/v1beta1", - "displayName": "Gets/List metrics.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/metrics.k8s.io/v1beta1/read", + "description": "Reads persistentvolumeclaims", + "displayName": "Gets/List persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networking.k8s.io", - "displayName": "Gets/List networking.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/read", + "description": "Writes persistentvolumeclaims", + "displayName": "Creates/Updates persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networking/v1", - "displayName": "Gets/List networking/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1/read", + "description": "Deletes persistentvolumeclaims", + "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads networking.k8s.io/v1beta1", - "displayName": "Gets/List networking.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/networking.k8s.io/v1beta1/read", + "description": "Reads poddisruptionbudgets", + "displayName": "Gets/List poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads node.k8s.io", - "displayName": "Gets/List node.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/read", + "description": "Writes poddisruptionbudgets", + "displayName": "Creates/Updates poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads node.k8s.io/v1beta1", - "displayName": "Gets/List node.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/node.k8s.io/v1beta1/read", + "description": "Deletes poddisruptionbudgets", + "displayName": "Deletes/DeletesCollection poddisruptionbudgets resource", + "name": "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads policy", - "displayName": "Gets/List policy resource", - "name": "Microsoft.ContainerService/fleets/apis/policy/read", + "description": "Reads rolebindings", + "displayName": "Gets/List rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads policy/v1beta1", - "displayName": "Gets/List policy/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/policy/v1beta1/read", + "description": "Writes rolebindings", + "displayName": "Creates/Updates rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads rbac.authorization.k8s.io", - "displayName": "Gets/List rbac.authorization.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/read", + "description": "Deletes rolebindings", + "displayName": "Deletes/DeletesCollection rolebindings resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads rbac.authorization/v1", - "displayName": "Gets/List rbac.authorization/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1/read", + "description": "Reads roles", + "displayName": "Gets/List roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads rbac.authorization.k8s.io/v1beta1", - "displayName": "Gets/List rbac.authorization.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/rbac.authorization.k8s.io/v1beta1/read", + "description": "Writes roles", + "displayName": "Creates/Updates roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads scheduling.k8s.io", - "displayName": "Gets/List scheduling.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/read", + "description": "Deletes roles", + "displayName": "Deletes/DeletesCollection roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads scheduling/v1", - "displayName": "Gets/List scheduling/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1/read", + "description": "Binds roles", + "displayName": "Bind roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/bind/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads scheduling.k8s.io/v1beta1", - "displayName": "Gets/List scheduling.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/scheduling.k8s.io/v1beta1/read", + "description": "Escalates roles", + "displayName": "Escalate roles resource", + "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/escalate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads storage.k8s.io", - "displayName": "Gets/List storage.k8s.io resource", - "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads storage/v1", - "displayName": "Gets/List storage/v1 resource", - "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1/read", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads storage.k8s.io/v1beta1", - "displayName": "Gets/List storage.k8s.io/v1beta1 resource", - "name": "Microsoft.ContainerService/fleets/apis/storage.k8s.io/v1beta1/read", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads healthz", - "displayName": "Gets/List healthz resource", - "name": "Microsoft.ContainerService/fleets/healthz/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoregister-completion", - "displayName": "Gets/List autoregister-completion resource", - "name": "Microsoft.ContainerService/fleets/healthz/autoregister-completion/read", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads etcd", - "displayName": "Gets/List etcd resource", - "name": "Microsoft.ContainerService/fleets/healthz/etcd/read", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads log", - "displayName": "Gets/List log resource", - "name": "Microsoft.ContainerService/fleets/healthz/log/read", + "description": "Reads resourcequotas", + "displayName": "Gets/List resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ping", - "displayName": "Gets/List ping resource", - "name": "Microsoft.ContainerService/fleets/healthz/ping/read", + "description": "Reads secrets", + "displayName": "Gets/List secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-openapi-controller", - "displayName": "Gets/List apiservice-openapi-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-openapi-controller/read", + "description": "Writes secrets", + "displayName": "Creates/Updates secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-registration-controller", - "displayName": "Gets/List apiservice-registration-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-registration-controller/read", + "description": "Deletes secrets", + "displayName": "Deletes/DeletesCollection secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-status-available-controller", - "displayName": "Gets/List apiservice-status-available-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/apiservice-status-available-controller/read", + "description": "Reads serviceaccounts", + "displayName": "Gets/List serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-controller", - "displayName": "Gets/List bootstrap-controller resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/bootstrap-controller/read", + "description": "Writes serviceaccounts", + "displayName": "Creates/Updates serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ca-registration", - "displayName": "Gets/List ca-registration resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/ca-registration/read", + "description": "Deletes serviceaccounts", + "displayName": "Deletes/DeletesCollection serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads crd-informer-synced", - "displayName": "Gets/List crd-informer-synced resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/crd-informer-synced/read", + "description": "Impersonate serviceaccounts", + "displayName": "Impersonate serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads generic-apiserver-start-informers", - "displayName": "Gets/List generic-apiserver-start-informers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/generic-apiserver-start-informers/read", + "description": "Reads services", + "displayName": "Gets/List services resource", + "name": "Microsoft.ContainerService/fleets/services/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads kube-apiserver-autoregistration", - "displayName": "Gets/List kube-apiserver-autoregistration resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/kube-apiserver-autoregistration/read", + "description": "Writes services", + "displayName": "Creates/Updates services resource", + "name": "Microsoft.ContainerService/fleets/services/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-roles", - "displayName": "Gets/List bootstrap-roles resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/rbac/bootstrap-roles/read", + "description": "Deletes services", + "displayName": "Deletes/DeletesCollection services resource", + "name": "Microsoft.ContainerService/fleets/services/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" + } + ], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "Microsoft.ContainerService/fleets/apps/daemonsets/*", + "Microsoft.ContainerService/fleets/apps/deployments/*", + "Microsoft.ContainerService/fleets/apps/statefulsets/*", + "Microsoft.ContainerService/fleets/authorization.k8s.io/localsubjectaccessreviews/write", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", + "Microsoft.ContainerService/fleets/batch/cronjobs/*", + "Microsoft.ContainerService/fleets/batch/jobs/*", + "Microsoft.ContainerService/fleets/configmaps/*", + "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "Microsoft.ContainerService/fleets/events/read", + "Microsoft.ContainerService/fleets/extensions/daemonsets/*", + "Microsoft.ContainerService/fleets/extensions/deployments/*", + "Microsoft.ContainerService/fleets/extensions/ingresses/*", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/limitranges/read", + "Microsoft.ContainerService/fleets/namespaces/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", + "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/*", + "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/resourcequotas/read", + "Microsoft.ContainerService/fleets/secrets/*", + "Microsoft.ContainerService/fleets/serviceaccounts/*", + "Microsoft.ContainerService/fleets/services/*" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants read/write access to most Kubernetes resources within a namespace in the fleet-managed hub cluster. This role does not allow viewing or modifying roles or role bindings. However, this role allows accessing Secrets as any ServiceAccount in the namespace, so it can be used to gain the API access levels of any ServiceAccount in the namespace.\u00a0 Applying this role at cluster scope will give access across all namespaces.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Fleet Manager RBAC Writer", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reads bootstrap-system-priority-classes", - "displayName": "Gets/List bootstrap-system-priority-classes resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get fleet", + "displayName": "Get fleet", + "name": "Microsoft.ContainerService/fleets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-controllers", - "displayName": "Gets/List start-apiextensions-controllers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-controllers/read", + "description": "List fleet credentials", + "displayName": "List fleet credentials", + "name": "Microsoft.ContainerService/fleets/listCredentials/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, + } + ], + "permittedDataActions": [ { - "description": "Reads start-apiextensions-informers", - "displayName": "Gets/List start-apiextensions-informers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-apiextensions-informers/read", + "description": "Reads controllerrevisions", + "displayName": "Gets/List controllerrevisions resource", + "name": "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-aggregator-informers", - "displayName": "Gets/List start-kube-aggregator-informers resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-aggregator-informers/read", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-apiserver-admission-initializer", - "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", - "name": "Microsoft.ContainerService/fleets/healthz/poststarthook/start-kube-apiserver-admission-initializer/read", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads livez", - "displayName": "Gets/List livez resource", - "name": "Microsoft.ContainerService/fleets/livez/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/apps/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoregister-completion", - "displayName": "Gets/List autoregister-completion resource", - "name": "Microsoft.ContainerService/fleets/livez/autoregister-completion/read", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads etcd", - "displayName": "Gets/List etcd resource", - "name": "Microsoft.ContainerService/fleets/livez/etcd/read", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads log", - "displayName": "Gets/List log resource", - "name": "Microsoft.ContainerService/fleets/livez/log/read", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/apps/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ping", - "displayName": "Gets/List ping resource", - "name": "Microsoft.ContainerService/fleets/livez/ping/read", + "description": "Reads statefulsets", + "displayName": "Gets/List statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-openapi-controller", - "displayName": "Gets/List apiservice-openapi-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-openapi-controller/read", + "description": "Writes statefulsets", + "displayName": "Creates/Updates statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-registration-controller", - "displayName": "Gets/List apiservice-registration-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-registration-controller/read", + "description": "Deletes statefulsets", + "displayName": "Deletes/DeletesCollection statefulsets resource", + "name": "Microsoft.ContainerService/fleets/apps/statefulsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-status-available-controller", - "displayName": "Gets/List apiservice-status-available-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/apiservice-status-available-controller/read", + "description": "Reads horizontalpodautoscalers", + "displayName": "Gets/List horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-controller", - "displayName": "Gets/List bootstrap-controller resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/bootstrap-controller/read", + "description": "Writes horizontalpodautoscalers", + "displayName": "Creates/Updates horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ca-registration", - "displayName": "Gets/List ca-registration resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/ca-registration/read", + "description": "Deletes horizontalpodautoscalers", + "displayName": "Deletes/DeletesCollection horizontalpodautoscalers resource", + "name": "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads crd-informer-synced", - "displayName": "Gets/List crd-informer-synced resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/crd-informer-synced/read", + "description": "Reads cronjobs", + "displayName": "Gets/List cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads generic-apiserver-start-informers", - "displayName": "Gets/List generic-apiserver-start-informers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/generic-apiserver-start-informers/read", + "description": "Writes cronjobs", + "displayName": "Creates/Updates cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads kube-apiserver-autoregistration", - "displayName": "Gets/List kube-apiserver-autoregistration resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/kube-apiserver-autoregistration/read", + "description": "Deletes cronjobs", + "displayName": "Deletes/DeletesCollection cronjobs resource", + "name": "Microsoft.ContainerService/fleets/batch/cronjobs/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-roles", - "displayName": "Gets/List bootstrap-roles resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/rbac/bootstrap-roles/read", + "description": "Reads jobs", + "displayName": "Gets/List jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-system-priority-classes", - "displayName": "Gets/List bootstrap-system-priority-classes resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "description": "Writes jobs", + "displayName": "Creates/Updates jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-controllers", - "displayName": "Gets/List start-apiextensions-controllers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-controllers/read", + "description": "Deletes jobs", + "displayName": "Deletes/DeletesCollection jobs resource", + "name": "Microsoft.ContainerService/fleets/batch/jobs/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-informers", - "displayName": "Gets/List start-apiextensions-informers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-apiextensions-informers/read", + "description": "Reads configmaps", + "displayName": "Gets/List configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-aggregator-informers", - "displayName": "Gets/List start-kube-aggregator-informers resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-aggregator-informers/read", + "description": "Writes configmaps", + "displayName": "Creates/Updates configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-apiserver-admission-initializer", - "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", - "name": "Microsoft.ContainerService/fleets/livez/poststarthook/start-kube-apiserver-admission-initializer/read", + "description": "Deletes configmaps", + "displayName": "Deletes/DeletesCollection configmaps resource", + "name": "Microsoft.ContainerService/fleets/configmaps/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads logs", - "displayName": "Gets/List logs resource", - "name": "Microsoft.ContainerService/fleets/logs/read", + "description": "Reads endpoints", + "displayName": "Gets/List endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads metrics", - "displayName": "Gets/List metrics resource", - "name": "Microsoft.ContainerService/fleets/metrics/read", + "description": "Writes endpoints", + "displayName": "Creates/Updates endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads v2", - "displayName": "Gets/List v2 resource", - "name": "Microsoft.ContainerService/fleets/openapi/v2/read", + "description": "Deletes endpoints", + "displayName": "Deletes/DeletesCollection endpoints resource", + "name": "Microsoft.ContainerService/fleets/endpoints/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads readyz", - "displayName": "Gets/List readyz resource", - "name": "Microsoft.ContainerService/fleets/readyz/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events.k8s.io/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads autoregister-completion", - "displayName": "Gets/List autoregister-completion resource", - "name": "Microsoft.ContainerService/fleets/readyz/autoregister-completion/read", + "description": "Reads events", + "displayName": "Gets/List events resource", + "name": "Microsoft.ContainerService/fleets/events/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads etcd", - "displayName": "Gets/List etcd resource", - "name": "Microsoft.ContainerService/fleets/readyz/etcd/read", + "description": "Reads daemonsets", + "displayName": "Gets/List daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads log", - "displayName": "Gets/List log resource", - "name": "Microsoft.ContainerService/fleets/readyz/log/read", + "description": "Writes daemonsets", + "displayName": "Creates/Updates daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ping", - "displayName": "Gets/List ping resource", - "name": "Microsoft.ContainerService/fleets/readyz/ping/read", + "description": "Deletes daemonsets", + "displayName": "Deletes/DeletesCollection daemonsets resource", + "name": "Microsoft.ContainerService/fleets/extensions/daemonsets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-openapi-controller", - "displayName": "Gets/List apiservice-openapi-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-openapi-controller/read", + "description": "Reads deployments", + "displayName": "Gets/List deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-registration-controller", - "displayName": "Gets/List apiservice-registration-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-registration-controller/read", + "description": "Writes deployments", + "displayName": "Creates/Updates deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads apiservice-status-available-controller", - "displayName": "Gets/List apiservice-status-available-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/apiservice-status-available-controller/read", + "description": "Deletes deployments", + "displayName": "Deletes/DeletesCollection deployments resource", + "name": "Microsoft.ContainerService/fleets/extensions/deployments/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-controller", - "displayName": "Gets/List bootstrap-controller resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/bootstrap-controller/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ca-registration", - "displayName": "Gets/List ca-registration resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/ca-registration/read", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads crd-informer-synced", - "displayName": "Gets/List crd-informer-synced resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/crd-informer-synced/read", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/extensions/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads generic-apiserver-start-informers", - "displayName": "Gets/List generic-apiserver-start-informers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/generic-apiserver-start-informers/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads kube-apiserver-autoregistration", - "displayName": "Gets/List kube-apiserver-autoregistration resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/kube-apiserver-autoregistration/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-roles", - "displayName": "Gets/List bootstrap-roles resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/rbac/bootstrap-roles/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/extensions/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads bootstrap-system-priority-classes", - "displayName": "Gets/List bootstrap-system-priority-classes resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/scheduling/bootstrap-system-priority-classes/read", + "description": "Reads limitranges", + "displayName": "Gets/List limitranges resource", + "name": "Microsoft.ContainerService/fleets/limitranges/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-controllers", - "displayName": "Gets/List start-apiextensions-controllers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-controllers/read", + "description": "Reads namespaces", + "displayName": "Gets/List namespaces resource", + "name": "Microsoft.ContainerService/fleets/namespaces/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-apiextensions-informers", - "displayName": "Gets/List start-apiextensions-informers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-apiextensions-informers/read", + "description": "Reads ingresses", + "displayName": "Gets/List ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-aggregator-informers", - "displayName": "Gets/List start-kube-aggregator-informers resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-aggregator-informers/read", + "description": "Writes ingresses", + "displayName": "Creates/Updates ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads start-kube-apiserver-admission-initializer", - "displayName": "Gets/List start-kube-apiserver-admission-initializer resource", - "name": "Microsoft.ContainerService/fleets/readyz/poststarthook/start-kube-apiserver-admission-initializer/read", + "description": "Deletes ingresses", + "displayName": "Deletes/DeletesCollection ingresses resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads shutdown", - "displayName": "Gets/List shutdown resource", - "name": "Microsoft.ContainerService/fleets/readyz/shutdown/read", + "description": "Reads networkpolicies", + "displayName": "Gets/List networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads resetMetrics", - "displayName": "Gets/List resetMetrics resource", - "name": "Microsoft.ContainerService/fleets/resetMetrics/read", + "description": "Writes networkpolicies", + "displayName": "Creates/Updates networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads swagger-ui", - "displayName": "Gets/List swagger-ui resource", - "name": "Microsoft.ContainerService/fleets/swagger-ui/read", + "description": "Deletes networkpolicies", + "displayName": "Deletes/DeletesCollection networkpolicies resource", + "name": "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads swagger-api", - "displayName": "Gets/List swagger-api resource", - "name": "Microsoft.ContainerService/fleets/swagger-api/read", + "description": "Reads persistentvolumeclaims", + "displayName": "Gets/List persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads ui", - "displayName": "Gets/List ui resource", - "name": "Microsoft.ContainerService/fleets/ui/read", + "description": "Writes persistentvolumeclaims", + "displayName": "Creates/Updates persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads version", - "displayName": "Gets/List version resource", - "name": "Microsoft.ContainerService/fleets/version/read", + "description": "Deletes persistentvolumeclaims", + "displayName": "Deletes/DeletesCollection persistentvolumeclaims resource", + "name": "Microsoft.ContainerService/fleets/persistentvolumeclaims/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, @@ -969483,518 +971843,377 @@ "providerName": "Microsoft.ContainerService" }, { - "description": "Reads podsecuritypolicies", - "displayName": "Gets/List podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes podsecuritypolicies", - "displayName": "Creates/Updates podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes podsecuritypolicies", - "displayName": "Deletes/DeletesCollection podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Use action on podsecuritypolicies", - "displayName": "Use podsecuritypolicies resource", - "name": "Microsoft.ContainerService/fleets/policy/podsecuritypolicies/use/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads clusterrolebindings", - "displayName": "Gets/List clusterrolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes clusterrolebindings", - "displayName": "Creates/Updates clusterrolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes clusterrolebindings", - "displayName": "Deletes/DeletesCollection clusterrolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterrolebindings/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads clusterroles", - "displayName": "Gets/List clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes clusterroles", - "displayName": "Creates/Updates clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes clusterroles", - "displayName": "Deletes/DeletesCollection clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Binds clusterroles", - "displayName": "Bind clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/bind/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Escalates", - "displayName": "Escalate clusterroles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/clusterroles/escalate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads rolebindings", - "displayName": "Gets/List rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes rolebindings", - "displayName": "Creates/Updates rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes rolebindings", - "displayName": "Deletes/DeletesCollection rolebindings resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/rolebindings/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads roles", - "displayName": "Gets/List roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes roles", - "displayName": "Creates/Updates roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes roles", - "displayName": "Deletes/DeletesCollection roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Binds roles", - "displayName": "Bind roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/bind/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Escalates roles", - "displayName": "Escalate roles resource", - "name": "Microsoft.ContainerService/fleets/rbac.authorization.k8s.io/roles/escalate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads priorityclasses", - "displayName": "Gets/List priorityclasses resource", - "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Writes priorityclasses", - "displayName": "Creates/Updates priorityclasses resource", - "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Deletes priorityclasses", - "displayName": "Deletes/DeletesCollection priorityclasses resource", - "name": "Microsoft.ContainerService/fleets/scheduling.k8s.io/priorityclasses/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate users", - "displayName": "Impersonate users resource", - "name": "Microsoft.ContainerService/fleets/users/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate groups", - "displayName": "Impersonate groups resource", - "name": "Microsoft.ContainerService/fleets/groups/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Impersonate userextras", - "displayName": "Impersonate userextras resource", - "name": "Microsoft.ContainerService/fleets/authentication.k8s.io/userextras/impersonate/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Reads storageclasses", - "displayName": "Gets/List storageclasses resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes storageclasses", - "displayName": "Creates/Updates storageclasses resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/write", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes storageclasses", - "displayName": "Deletes/DeletesCollection storageclasses resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/storageclasses/delete", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads volumeattachments", - "displayName": "Gets/List volumeattachments resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/read", + "description": "Reads replicationcontrollers", + "displayName": "Gets/List replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes volumeattachments", - "displayName": "Creates/Updates volumeattachments resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/write", + "description": "Writes replicationcontrollers", + "displayName": "Creates/Updates replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes volumeattachments", - "displayName": "Deletes/DeletesCollection volumeattachments resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/volumeattachments/delete", + "description": "Deletes replicationcontrollers", + "displayName": "Deletes/DeletesCollection replicationcontrollers resource", + "name": "Microsoft.ContainerService/fleets/replicationcontrollers/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads csidrivers", - "displayName": "Gets/List csidrivers resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/read", + "description": "Reads resourcequotas", + "displayName": "Gets/List resourcequotas resource", + "name": "Microsoft.ContainerService/fleets/resourcequotas/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes csidrivers", - "displayName": "Creates/Updates csidrivers resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/write", + "description": "Reads secrets", + "displayName": "Gets/List secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes csidrivers", - "displayName": "Deletes/DeletesCollection csidrivers resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csidrivers/delete", + "description": "Writes secrets", + "displayName": "Creates/Updates secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Reads csinodes", - "displayName": "Gets/List csinodes resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/read", + "description": "Deletes secrets", + "displayName": "Deletes/DeletesCollection secrets resource", + "name": "Microsoft.ContainerService/fleets/secrets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Writes csinodes", - "displayName": "Creates/Updates csinodes resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/write", + "description": "Reads serviceaccounts", + "displayName": "Gets/List serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Deletes csinodes", - "displayName": "Deletes/DeletesCollection csinodes resource", - "name": "Microsoft.ContainerService/fleets/storage.k8s.io/csinodes/delete", + "description": "Writes serviceaccounts", + "displayName": "Creates/Updates serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet membercluster resource", - "displayName": "Get/List fleet membercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/read", + "description": "Deletes serviceaccounts", + "displayName": "Deletes/DeletesCollection serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet membercluster resource", - "displayName": "Create/Update fleet membercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/write", + "description": "Impersonate serviceaccounts", + "displayName": "Impersonate serviceaccounts resource", + "name": "Microsoft.ContainerService/fleets/serviceaccounts/impersonate/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet membercluster resource", - "displayName": "Delete fleet membercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/memberclusters/delete", + "description": "Reads services", + "displayName": "Gets/List services resource", + "name": "Microsoft.ContainerService/fleets/services/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet internalmembercluster resource", - "displayName": "Get/List fleet internalmembercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/read", + "description": "Writes services", + "displayName": "Creates/Updates services resource", + "name": "Microsoft.ContainerService/fleets/services/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet internalmembercluster resource", - "displayName": "Create/Update fleet internalmembercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/write", + "description": "Deletes services", + "displayName": "Deletes/DeletesCollection services resource", + "name": "Microsoft.ContainerService/fleets/services/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" - }, + } + ], + "rawPermissions": [ { - "description": "Delete fleet internalmembercluster resource", - "displayName": "Delete fleet internalmembercluster resource", - "name": "Microsoft.ContainerService/fleets/cluster.kubernetes-fleet.io/internalmemberclusters/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ContainerService/fleets/read", + "Microsoft.ContainerService/fleets/listCredentials/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.ContainerService/fleets/apps/controllerrevisions/read", + "Microsoft.ContainerService/fleets/apps/daemonsets/*", + "Microsoft.ContainerService/fleets/apps/deployments/*", + "Microsoft.ContainerService/fleets/apps/statefulsets/*", + "Microsoft.ContainerService/fleets/autoscaling/horizontalpodautoscalers/*", + "Microsoft.ContainerService/fleets/batch/cronjobs/*", + "Microsoft.ContainerService/fleets/batch/jobs/*", + "Microsoft.ContainerService/fleets/configmaps/*", + "Microsoft.ContainerService/fleets/endpoints/*", + "Microsoft.ContainerService/fleets/events.k8s.io/events/read", + "Microsoft.ContainerService/fleets/events/read", + "Microsoft.ContainerService/fleets/extensions/daemonsets/*", + "Microsoft.ContainerService/fleets/extensions/deployments/*", + "Microsoft.ContainerService/fleets/extensions/ingresses/*", + "Microsoft.ContainerService/fleets/extensions/networkpolicies/*", + "Microsoft.ContainerService/fleets/limitranges/read", + "Microsoft.ContainerService/fleets/namespaces/read", + "Microsoft.ContainerService/fleets/networking.k8s.io/ingresses/*", + "Microsoft.ContainerService/fleets/networking.k8s.io/networkpolicies/*", + "Microsoft.ContainerService/fleets/persistentvolumeclaims/*", + "Microsoft.ContainerService/fleets/policy/poddisruptionbudgets/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/replicationcontrollers/*", + "Microsoft.ContainerService/fleets/resourcequotas/read", + "Microsoft.ContainerService/fleets/secrets/*", + "Microsoft.ContainerService/fleets/serviceaccounts/*", + "Microsoft.ContainerService/fleets/services/*" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants read/write access to Azure resources provided by Azure Kubernetes Fleet Manager, including fleets, fleet members, fleet update strategies, fleet update runs, etc.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Fleet Manager Contributor Role", + "permittedActions": [ { - "description": "Read fleet clusterresourceplacement resource", - "displayName": "Gets/List fleet clusterresourceplacement resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/read", + "description": "Get fleet", + "displayName": "Get fleet", + "name": "Microsoft.ContainerService/fleets/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourceplacement resource", - "displayName": "Create/Update fleet clusterresourceplacement resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/write", + "description": "Create or Update a fleet", + "displayName": "Create or Update a fleet", + "name": "Microsoft.ContainerService/fleets/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourceplacement resource", - "displayName": "Delete fleet clusterresourceplacement resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceplacements/delete", + "description": "Delete a fleet", + "displayName": "Delete a fleet", + "name": "Microsoft.ContainerService/fleets/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourcebinding resource", - "displayName": "Gets/List fleet clusterresourcebinding resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/read", + "description": "List fleet credentials", + "displayName": "List fleet credentials", + "name": "Microsoft.ContainerService/fleets/listCredentials/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Create/Update fleet clusterresourcebinding resource", - "displayName": "Create/Update fleet clusterresourcebinding resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/write", + "description": "Get a fleet member", + "displayName": "Get a fleet member", + "name": "Microsoft.ContainerService/fleets/members/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourcebinding resource", - "displayName": "Delete fleet clusterresourcebinding resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcebindings/delete", + "description": "Create or Update a fleet member", + "displayName": "Create or Update a fleet member", + "name": "Microsoft.ContainerService/fleets/members/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourcesnapshot resource", - "displayName": "Gets/List fleet clusterresourcesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/read", + "description": "Delete a fleet member", + "displayName": "Delete a fleet member", + "name": "Microsoft.ContainerService/fleets/members/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourcesnapshot resource", - "displayName": "Create/Update fleet clusterresourcesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/write", + "description": "Get a fleet update run", + "displayName": "Get a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourcesnapshot resource", - "displayName": "Delete fleet clusterresourcesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourcesnapshots/delete", + "description": "Create or Update a fleet update run", + "displayName": "Create or Update a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterschedulingpolicysnapshot resource", - "displayName": "Gets/List fleet clusterschedulingpolicysnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/read", + "description": "Delete a fleet update run", + "displayName": "Delete a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterschedulingpolicysnapshot resource", - "displayName": "Create/Update fleet clusterschedulingpolicysnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/write", + "description": "Starts a fleet update run", + "displayName": "Starts a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/start/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterschedulingpolicysnapshot resource", - "displayName": "Delete fleet clusterschedulingpolicysnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterschedulingpolicysnapshots/delete", + "description": "Stops a fleet update run", + "displayName": "Stops a fleet update run", + "name": "Microsoft.ContainerService/fleets/updateRuns/stop/action", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourceoverride resource", - "displayName": "Gets/List fleet clusterresourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/read", + "description": "Get a fleet update strategy", + "displayName": "Get a fleet update strategy", + "name": "Microsoft.ContainerService/fleets/updateStrategies/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourceoverride resource", - "displayName": "Create/Update fleet clusterresourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/write", + "description": "Create or Update a fleet update strategy", + "displayName": "Create or Update a fleet update strategy", + "name": "Microsoft.ContainerService/fleets/updateStrategies/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourceoverride resource", - "displayName": "Delete fleet clusterresourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverrides/delete", + "description": "Delete a fleet update strategy", + "displayName": "Delete a fleet update strategy", + "name": "Microsoft.ContainerService/fleets/updateStrategies/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet clusterresourceoverridesnapshot resource", - "displayName": "Gets/List fleet clusterresourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/read", + "description": "Get a fleet auto upgrade profile", + "displayName": "Get a fleet auto upgrade profile", + "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/read", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Write fleet clusterresourceoverridesnapshot resource", - "displayName": "Create/Update fleet clusterresourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/write", + "description": "Create or Update a fleet auto upgrade profile", + "displayName": "Create or Update a fleet auto upgrade profile", + "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/write", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Delete fleet clusterresourceoverridesnapshot resource", - "displayName": "Delete fleet clusterresourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/clusterresourceoverridesnapshots/delete", + "description": "Delete a fleet auto upgrade profile", + "displayName": "Delete a fleet auto upgrade profile", + "name": "Microsoft.ContainerService/fleets/autoUpgradeProfiles/delete", "providerDisplayName": "Microsoft Container Service", "providerName": "Microsoft.ContainerService" }, { - "description": "Read fleet resourceoverride resource", - "displayName": "Gets/List fleet resourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Write fleet resourceoverride resource", - "displayName": "Create/Update fleet resourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete fleet resourceoverride resource", - "displayName": "Delete fleet resourceoverride resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverrides/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Read fleet resourceoverridesnapshot resource", - "displayName": "Gets/List fleet resourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Write fleet resourceoverridesnapshot resource", - "displayName": "Create/Update fleet resourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete fleet resourceoverridesnapshot resource", - "displayName": "Delete fleet resourceoverridesnapshot resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/resourceoverridesnapshots/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Read fleet work resource", - "displayName": "Gets/List fleet work resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Write fleet work resource", - "displayName": "Create/Update fleet work resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/write", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete fleet work resource", - "displayName": "Delete fleet work resource", - "name": "Microsoft.ContainerService/fleets/placement.kubernetes-fleet.io/works/delete", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], + "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ContainerService/fleets/read", - "Microsoft.ContainerService/fleets/listCredentials/action" + "Microsoft.ContainerService/fleets/*", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, - "dataActions": [ - "Microsoft.ContainerService/fleets/*" - ], + "dataActions": [], "notActions": [], "notDataActions": [] } @@ -988625,6 +990844,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -1019177,6 +1021543,34 @@ } ] }, + { + "description": "Allows read access to Template Specs at the assigned scope.", + "hasExternal": false, + "hasUnknown": false, + "name": "Template Spec Reader", + "permittedActions": [ + { + "description": "Gets or lists template specs", + "displayName": "Read template spec version", + "name": "Microsoft.Resources/templateSpecs/versions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Resources/templateSpecs/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Allows full access to Template Spec operations at the assigned scope.", "hasExternal": false, @@ -1019502,34 +1021896,6 @@ } ] }, - { - "description": "Allows read access to Template Specs at the assigned scope.", - "hasExternal": false, - "hasUnknown": false, - "name": "Template Spec Reader", - "permittedActions": [ - { - "description": "Gets or lists template specs", - "displayName": "Read template spec version", - "name": "Microsoft.Resources/templateSpecs/versions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Resources/templateSpecs/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Microsoft Sentinel Playbook Operator", "hasExternal": false, @@ -1020164,543 +1022530,6 @@ } ] }, - { - "description": "Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Center for SAP solutions service role", - "permittedActions": [ - { - "description": "Creates or updates a resource group.", - "displayName": "Create Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets a load balancer definition", - "displayName": "Get Load Balancer", - "name": "Microsoft.Network/loadBalancers/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a load balancer or updates an existing load balancer", - "displayName": "Create or Update Load Balancer", - "name": "Microsoft.Network/loadBalancers/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a load balancer backend address pool definition", - "displayName": "Get Load Balancer Backend Address Pool", - "name": "Microsoft.Network/loadBalancers/backendAddressPools/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a load balancer backend address pool or updates an existing load balancer backend address pool", - "displayName": "Create or update load balancer backend address pool", - "name": "Microsoft.Network/loadBalancers/backendAddressPools/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a load balancer frontend IP configuration definition", - "displayName": "Get Load Balancer Frontend IP Configuration", - "name": "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a load balancer load balancing rule definition", - "displayName": "Get Load Balancer Load Balancing Rule", - "name": "Microsoft.Network/loadBalancers/loadBalancingRules/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a load balancer inbound nat rule definition", - "displayName": "Get Load Balancer Inbound Nat Rule", - "name": "Microsoft.Network/loadBalancers/inboundNatRules/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets the events for Load Balancer", - "displayName": "Get Load Balancer Event Log Definitions", - "name": "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets references to all the network interfaces under a load balancer", - "displayName": "Get Load Balancer Network Interfaces", - "name": "Microsoft.Network/loadBalancers/networkInterfaces/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a load balancer outbound rule definition", - "displayName": "Get Load Balancer Outbound Rule", - "name": "Microsoft.Network/loadBalancers/outboundRules/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets references to all the virtual machines under a load balancer", - "displayName": "Get Load Balancer Virtual Machines", - "name": "Microsoft.Network/loadBalancers/virtualMachines/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets the available metrics for Load Balancer", - "displayName": "Read Load Balancer metric definitions", - "name": "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a network interface definition. ", - "displayName": "Get Network Interface", - "name": "Microsoft.Network/networkInterfaces/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a network interface or updates an existing network interface. ", - "displayName": "Create or Update Network Interface", - "name": "Microsoft.Network/networkInterfaces/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a network interface ip configuration definition. ", - "displayName": "Get Network Interface IP Configuration", - "name": "Microsoft.Network/networkInterfaces/ipconfigurations/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets all the load balancers that the network interface is part of", - "displayName": "Get Network Interface Load Balancers", - "name": "Microsoft.Network/networkInterfaces/loadBalancers/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Get the virtual network definition", - "displayName": "Get Virtual Network", - "name": "Microsoft.Network/virtualNetworks/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Check if Ip Address is available at the specified virtual network", - "displayName": "Check Ip Address Availability", - "name": "Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets references to all the virtual machines in a virtual network subnet", - "displayName": "Get Virtual Network Subnet Virtual Machines", - "name": "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets references to all the virtual machines in a virtual network", - "displayName": "Get Virtual Network Virtual Machines", - "name": "Microsoft.Network/virtualNetworks/virtualMachines/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a Network Interface IP Configuration. Not alertable.", - "displayName": "Join Network Interface IP Configuration.", - "name": "Microsoft.Network/networkInterfaces/ipconfigurations/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets an private endpoint resource.", - "displayName": "Get an private endpoint resource.", - "name": "Microsoft.Network/privateEndpoints/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a new private endpoint, or updates an existing private endpoint.", - "displayName": "Create or update an private endpoint.", - "name": "Microsoft.Network/privateEndpoints/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a Virtual Machine to a network interface. Not Alertable.", - "displayName": "Join Virtual Machine to a network interface.", - "name": "Microsoft.Network/networkInterfaces/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a load balancer backend address pool. Not Alertable.", - "displayName": "Join Load Balancer Backend Address Pool.", - "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a Load Balancer Frontend IP Configuration. Not alertable.", - "displayName": "Join Load Balancer Frontend IP Configuration.", - "name": "Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a virtual network. Not Alertable.", - "displayName": "Join Virtual Network.", - "name": "Microsoft.Network/virtualNetworks/subnets/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a load balancer to virtual network subnets", - "displayName": "Join load balancer to virtual network subnets", - "name": "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", - "displayName": "List/Get Storage Account(s)", - "name": "Microsoft.Storage/storageAccounts/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", - "displayName": "Create/Update Storage Account", - "name": "Microsoft.Storage/storageAccounts/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Approve Private Endpoint Connections", - "displayName": "Approve Private Endpoint Connections", - "name": "Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "List blob services", - "displayName": "List Blob Services", - "name": "Microsoft.Storage/storageAccounts/blobServices/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns a container", - "displayName": "Get blob container", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "List file services", - "displayName": "List File Services", - "name": "Microsoft.Storage/storageAccounts/fileServices/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Put file service properties", - "displayName": "Put File Service Properties", - "name": "Microsoft.Storage/storageAccounts/fileServices/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Get file share", - "displayName": "Get File Share", - "name": "Microsoft.Storage/storageAccounts/fileServices/shares/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Create or update file share", - "displayName": "Put File Share", - "name": "Microsoft.Storage/storageAccounts/fileServices/shares/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Get the properties of a virtual machine", - "displayName": "Get Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Creates a new virtual machine or updates an existing virtual machine", - "displayName": "Create or Update Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/write", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Gets the detailed runtime status of the virtual machine and its resources", - "displayName": "Get Virtual Machine Instance View", - "name": "Microsoft.Compute/virtualMachines/instanceView/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Get the properties of an availability set", - "displayName": "Get Availablity Set", - "name": "Microsoft.Compute/availabilitySets/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Creates a new availability set or updates an existing one", - "displayName": "Create or Update Availability Set", - "name": "Microsoft.Compute/availabilitySets/write", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Gets the list of Microsoft.Compute SKUs available for your Subscription", - "displayName": "Gets the list of Microsoft.Compute SKUs available for your Subscription", - "name": "Microsoft.Compute/skus/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Get the properties of an SSH public key", - "displayName": "Get SSH Public Key", - "name": "Microsoft.Compute/sshPublicKeys/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Get the properties of a virtual machine extension", - "displayName": "Get Virtual Machine Extension", - "name": "Microsoft.Compute/virtualMachines/extensions/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Creates a new virtual machine extension or updates an existing one", - "displayName": "Create or Update Virtual Machine Extension", - "name": "Microsoft.Compute/virtualMachines/extensions/write", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Deletes the virtual machine extension", - "displayName": "Delete Virtual Machine Extension", - "name": "Microsoft.Compute/virtualMachines/extensions/delete", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Get the properties of a Disk", - "displayName": "Get Disk", - "name": "Microsoft.Compute/disks/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Creates a new Disk or updates an existing one", - "displayName": "Create or Update Disk", - "name": "Microsoft.Compute/disks/write", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Resources/subscriptions/resourceGroups/write", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/*", - "Microsoft.Network/loadBalancers/read", - "Microsoft.Network/loadBalancers/write", - "Microsoft.Network/loadBalancers/backendAddressPools/read", - "Microsoft.Network/loadBalancers/backendAddressPools/write", - "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", - "Microsoft.Network/loadBalancers/loadBalancingRules/read", - "Microsoft.Network/loadBalancers/inboundNatRules/read", - "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read", - "Microsoft.Network/loadBalancers/networkInterfaces/read", - "Microsoft.Network/loadBalancers/outboundRules/read", - "Microsoft.Network/loadBalancers/virtualMachines/read", - "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/write", - "Microsoft.Network/networkInterfaces/ipconfigurations/read", - "Microsoft.Network/networkInterfaces/loadBalancers/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", - "Microsoft.Network/virtualNetworks/virtualMachines/read", - "Microsoft.Network/networkInterfaces/ipconfigurations/join/action", - "Microsoft.Network/privateEndpoints/read", - "Microsoft.Network/privateEndpoints/write", - "Microsoft.Network/networkInterfaces/join/action", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", - "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action", - "Microsoft.Storage/storageAccounts/blobServices/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "Microsoft.Storage/storageAccounts/fileServices/read", - "Microsoft.Storage/storageAccounts/fileServices/write", - "Microsoft.Storage/storageAccounts/fileServices/shares/read", - "Microsoft.Storage/storageAccounts/fileServices/shares/write", - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Compute/virtualMachines/write", - "Microsoft.Compute/virtualMachines/instanceView/read", - "Microsoft.Compute/availabilitySets/read", - "Microsoft.Compute/availabilitySets/write", - "Microsoft.Compute/skus/read", - "Microsoft.Compute/sshPublicKeys/read", - "Microsoft.Compute/virtualMachines/extensions/read", - "Microsoft.Compute/virtualMachines/extensions/write", - "Microsoft.Compute/virtualMachines/extensions/delete", - "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/write" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "This role provides read access to all capabilities of Azure Center for SAP solutions.", "hasExternal": false, @@ -1021209,31 +1023038,540 @@ "rawPermissions": [ { "actions": [ - "Microsoft.Advisor/configurations/read", - "Microsoft.Advisor/recommendations/read", - "Microsoft.Workloads/sapvirtualInstances/*/read", - "Microsoft.Workloads/Locations/*/read", - "Microsoft.Workloads/Operations/read", - "Microsoft.Workloads/Locations/OperationStatuses/read", + "Microsoft.Advisor/configurations/read", + "Microsoft.Advisor/recommendations/read", + "Microsoft.Workloads/sapvirtualInstances/*/read", + "Microsoft.Workloads/Locations/*/read", + "Microsoft.Workloads/Operations/read", + "Microsoft.Workloads/Locations/OperationStatuses/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Insights/alertRules/read", + "Microsoft.Insights/metrics/read", + "Microsoft.Insights/metricDefinitions/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/ipconfigurations/read", + "Microsoft.Network/networkInterfaces/loadBalancers/read", + "Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/backendAddressPools/read", + "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", + "Microsoft.Network/loadBalancers/loadBalancingRules/read", + "Microsoft.Network/loadBalancers/inboundNatRules/read", + "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read", + "Microsoft.Network/loadBalancers/networkInterfaces/read", + "Microsoft.Network/loadBalancers/outboundRules/read", + "Microsoft.Network/loadBalancers/virtualMachines/read", + "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Network/privateEndpoints/read", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/blobServices/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Storage/storageAccounts/fileServices/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/availabilitySets/read", + "Microsoft.Compute/virtualMachines/extensions/read", + "Microsoft.Compute/disks/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Azure Center for SAP solutions service role - This role is intended to be used for providing the permissions to user assigned managed identity. Azure Center for SAP solutions will use this identity to deploy and manage SAP systems.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Center for SAP solutions service role", + "permittedActions": [ + { + "description": "Creates or updates a resource group.", + "displayName": "Create Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets a load balancer definition", + "displayName": "Get Load Balancer", + "name": "Microsoft.Network/loadBalancers/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a load balancer or updates an existing load balancer", + "displayName": "Create or Update Load Balancer", + "name": "Microsoft.Network/loadBalancers/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a load balancer backend address pool definition", + "displayName": "Get Load Balancer Backend Address Pool", + "name": "Microsoft.Network/loadBalancers/backendAddressPools/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a load balancer backend address pool or updates an existing load balancer backend address pool", + "displayName": "Create or update load balancer backend address pool", + "name": "Microsoft.Network/loadBalancers/backendAddressPools/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a load balancer frontend IP configuration definition", + "displayName": "Get Load Balancer Frontend IP Configuration", + "name": "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a load balancer load balancing rule definition", + "displayName": "Get Load Balancer Load Balancing Rule", + "name": "Microsoft.Network/loadBalancers/loadBalancingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a load balancer inbound nat rule definition", + "displayName": "Get Load Balancer Inbound Nat Rule", + "name": "Microsoft.Network/loadBalancers/inboundNatRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets the events for Load Balancer", + "displayName": "Get Load Balancer Event Log Definitions", + "name": "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/logDefinitions/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets references to all the network interfaces under a load balancer", + "displayName": "Get Load Balancer Network Interfaces", + "name": "Microsoft.Network/loadBalancers/networkInterfaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a load balancer outbound rule definition", + "displayName": "Get Load Balancer Outbound Rule", + "name": "Microsoft.Network/loadBalancers/outboundRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets references to all the virtual machines under a load balancer", + "displayName": "Get Load Balancer Virtual Machines", + "name": "Microsoft.Network/loadBalancers/virtualMachines/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets the available metrics for Load Balancer", + "displayName": "Read Load Balancer metric definitions", + "name": "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a network interface definition. ", + "displayName": "Get Network Interface", + "name": "Microsoft.Network/networkInterfaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a network interface or updates an existing network interface. ", + "displayName": "Create or Update Network Interface", + "name": "Microsoft.Network/networkInterfaces/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a network interface ip configuration definition. ", + "displayName": "Get Network Interface IP Configuration", + "name": "Microsoft.Network/networkInterfaces/ipconfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets all the load balancers that the network interface is part of", + "displayName": "Get Network Interface Load Balancers", + "name": "Microsoft.Network/networkInterfaces/loadBalancers/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get the virtual network definition", + "displayName": "Get Virtual Network", + "name": "Microsoft.Network/virtualNetworks/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Check if Ip Address is available at the specified virtual network", + "displayName": "Check Ip Address Availability", + "name": "Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets references to all the virtual machines in a virtual network subnet", + "displayName": "Get Virtual Network Subnet Virtual Machines", + "name": "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets references to all the virtual machines in a virtual network", + "displayName": "Get Virtual Network Virtual Machines", + "name": "Microsoft.Network/virtualNetworks/virtualMachines/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a Network Interface IP Configuration. Not alertable.", + "displayName": "Join Network Interface IP Configuration.", + "name": "Microsoft.Network/networkInterfaces/ipconfigurations/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets an private endpoint resource.", + "displayName": "Get an private endpoint resource.", + "name": "Microsoft.Network/privateEndpoints/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a new private endpoint, or updates an existing private endpoint.", + "displayName": "Create or update an private endpoint.", + "name": "Microsoft.Network/privateEndpoints/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a Virtual Machine to a network interface. Not Alertable.", + "displayName": "Join Virtual Machine to a network interface.", + "name": "Microsoft.Network/networkInterfaces/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a load balancer backend address pool. Not Alertable.", + "displayName": "Join Load Balancer Backend Address Pool.", + "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a Load Balancer Frontend IP Configuration. Not alertable.", + "displayName": "Join Load Balancer Frontend IP Configuration.", + "name": "Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a virtual network. Not Alertable.", + "displayName": "Join Virtual Network.", + "name": "Microsoft.Network/virtualNetworks/subnets/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a load balancer to virtual network subnets", + "displayName": "Join load balancer to virtual network subnets", + "name": "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", + "displayName": "List/Get Storage Account(s)", + "name": "Microsoft.Storage/storageAccounts/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", + "displayName": "Create/Update Storage Account", + "name": "Microsoft.Storage/storageAccounts/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Approve Private Endpoint Connections", + "displayName": "Approve Private Endpoint Connections", + "name": "Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "List blob services", + "displayName": "List Blob Services", + "name": "Microsoft.Storage/storageAccounts/blobServices/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns a container", + "displayName": "Get blob container", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "List file services", + "displayName": "List File Services", + "name": "Microsoft.Storage/storageAccounts/fileServices/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Put file service properties", + "displayName": "Put File Service Properties", + "name": "Microsoft.Storage/storageAccounts/fileServices/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Get file share", + "displayName": "Get File Share", + "name": "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Create or update file share", + "displayName": "Put File Share", + "name": "Microsoft.Storage/storageAccounts/fileServices/shares/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Get the properties of a virtual machine", + "displayName": "Get Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Creates a new virtual machine or updates an existing virtual machine", + "displayName": "Create or Update Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/write", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Gets the detailed runtime status of the virtual machine and its resources", + "displayName": "Get Virtual Machine Instance View", + "name": "Microsoft.Compute/virtualMachines/instanceView/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Get the properties of an availability set", + "displayName": "Get Availablity Set", + "name": "Microsoft.Compute/availabilitySets/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Creates a new availability set or updates an existing one", + "displayName": "Create or Update Availability Set", + "name": "Microsoft.Compute/availabilitySets/write", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Gets the list of Microsoft.Compute SKUs available for your Subscription", + "displayName": "Gets the list of Microsoft.Compute SKUs available for your Subscription", + "name": "Microsoft.Compute/skus/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Get the properties of an SSH public key", + "displayName": "Get SSH Public Key", + "name": "Microsoft.Compute/sshPublicKeys/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Get the properties of a virtual machine extension", + "displayName": "Get Virtual Machine Extension", + "name": "Microsoft.Compute/virtualMachines/extensions/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Creates a new virtual machine extension or updates an existing one", + "displayName": "Create or Update Virtual Machine Extension", + "name": "Microsoft.Compute/virtualMachines/extensions/write", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Deletes the virtual machine extension", + "displayName": "Delete Virtual Machine Extension", + "name": "Microsoft.Compute/virtualMachines/extensions/delete", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Get the properties of a Disk", + "displayName": "Get Disk", + "name": "Microsoft.Compute/disks/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Creates a new Disk or updates an existing one", + "displayName": "Create or Update Disk", + "name": "Microsoft.Compute/disks/write", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Resources/subscriptions/resourceGroups/write", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Insights/alertRules/read", - "Microsoft.Insights/metrics/read", - "Microsoft.Insights/metricDefinitions/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Authorization/*/read", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/providers/Microsoft.Insights/metricDefinitions/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/ipconfigurations/read", - "Microsoft.Network/networkInterfaces/loadBalancers/read", - "Microsoft.Network/networkInterfaces/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/*", "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", "Microsoft.Network/loadBalancers/backendAddressPools/read", + "Microsoft.Network/loadBalancers/backendAddressPools/write", "Microsoft.Network/loadBalancers/frontendIPConfigurations/read", "Microsoft.Network/loadBalancers/loadBalancingRules/read", "Microsoft.Network/loadBalancers/inboundNatRules/read", @@ -1021242,16 +1023580,44 @@ "Microsoft.Network/loadBalancers/outboundRules/read", "Microsoft.Network/loadBalancers/virtualMachines/read", "Microsoft.Network/loadBalancers/providers/Microsoft.Insights/metricDefinitions/read", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkInterfaces/ipconfigurations/read", + "Microsoft.Network/networkInterfaces/loadBalancers/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/checkIpAddressAvailability/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "Microsoft.Network/virtualNetworks/virtualMachines/read", + "Microsoft.Network/networkInterfaces/ipconfigurations/join/action", "Microsoft.Network/privateEndpoints/read", + "Microsoft.Network/privateEndpoints/write", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/loadBalancers/frontendIPConfigurations/join/action", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Storage/storageAccounts/PrivateEndpointConnectionsApproval/action", "Microsoft.Storage/storageAccounts/blobServices/read", "Microsoft.Storage/storageAccounts/blobServices/containers/read", "Microsoft.Storage/storageAccounts/fileServices/read", + "Microsoft.Storage/storageAccounts/fileServices/write", "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/write", "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Compute/virtualMachines/instanceView/read", "Microsoft.Compute/availabilitySets/read", + "Microsoft.Compute/availabilitySets/write", + "Microsoft.Compute/skus/read", + "Microsoft.Compute/sshPublicKeys/read", "Microsoft.Compute/virtualMachines/extensions/read", - "Microsoft.Compute/disks/read" + "Microsoft.Compute/virtualMachines/extensions/write", + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/write" ], "condition": null, "conditionVersion": null, @@ -1023785,42 +1026151,6 @@ } ] }, - { - "description": "List cluster monitoring user credential action.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Kubernetes Service Cluster Monitoring User", - "permittedActions": [ - { - "description": "List the clusterMonitoringUser credential of a managed cluster", - "displayName": "List clusterMonitoringUser credential", - "name": "Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - }, - { - "description": "Get a managed cluster", - "displayName": "Get Managed Cluster", - "name": "Microsoft.ContainerService/managedClusters/read", - "providerDisplayName": "Microsoft Container Service", - "providerName": "Microsoft.ContainerService" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action", - "Microsoft.ContainerService/managedClusters/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "View all containerapp resources, but does not allow you to make any changes.", "hasExternal": false, @@ -1024197,6 +1026527,42 @@ } ] }, + { + "description": "List cluster monitoring user credential action.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Kubernetes Service Cluster Monitoring User", + "permittedActions": [ + { + "description": "List the clusterMonitoringUser credential of a managed cluster", + "displayName": "List clusterMonitoringUser credential", + "name": "Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + }, + { + "description": "Get a managed cluster", + "displayName": "Get Managed Cluster", + "name": "Microsoft.ContainerService/managedClusters/read", + "providerDisplayName": "Microsoft Container Service", + "providerName": "Microsoft.ContainerService" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action", + "Microsoft.ContainerService/managedClusters/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Custom Role for AzureStackHCI RP to manage hybrid compute machines and hybrid connectivity endpoints in a resource group", "hasExternal": false, @@ -1025812,198 +1028178,6 @@ } ] }, - { - "description": "Provide access to CWUM Solution by Bayer Ag Powered Services", - "hasExternal": false, - "hasUnknown": false, - "name": "Bayer Ag Powered Services CWUM Solution", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Gets or Lists existing AgFoodPlatform parties resource(s).", - "displayName": "Get or List AgFoodPlatform parties resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform boundaries resource(s).", - "displayName": "Get or List AgFoodPlatform boundaries resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform boundaries.", - "displayName": "Create or Update AgFoodPlatform boundaries.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform farms resource(s).", - "displayName": "Get or List AgFoodPlatform farms resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform farms.", - "displayName": "Create or Update AgFoodPlatform farms.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform fields resource(s).", - "displayName": "Get or List AgFoodPlatform fields resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform fields.", - "displayName": "Create or Update AgFoodPlatform fields.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform satelliteDataIngestionJobs resource(s).", - "displayName": "Get or List AgFoodPlatform satelliteDataIngestionJobs resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform satelliteDataIngestionJobs.", - "displayName": "Create or Update AgFoodPlatform satelliteDataIngestionJobs.", - "name": "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform scenes resource(s).", - "displayName": "Get or List AgFoodPlatform scenes resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform scenes.", - "displayName": "Create or Update AgFoodPlatform scenes.", - "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Deletes an existing AgFoodPlatform scenes resource.", - "displayName": "Delete AgFoodPlatform scenes resource.", - "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/delete", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "List(s) existing AgFoodPlatform scene resource(s).", - "displayName": "List AgFoodPlatform scene resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/list/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "scenes Download", - "displayName": "scenes Download", - "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/download/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform insight attachments resource(s).", - "displayName": "Get or List AgFoodPlatform insight attachments resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform insight attachments.", - "displayName": "Create or Update AgFoodPlatform insight attachments.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Deletes an existing AgFoodPlatform insight attachments resource.", - "displayName": "Delete AgFoodPlatform insight attachments resource.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/delete", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "List(s) existing AgFoodPlatform insight attachment resource(s).", - "displayName": "List AgFoodPlatform insight attachment resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/list/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "insights Download", - "displayName": "insights Download", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/download/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Gets or Lists existing AgFoodPlatform insights resource(s).", - "displayName": "Get or List AgFoodPlatform insights resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/read", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Creates or Updates AgFoodPlatform insights.", - "displayName": "Create or Update AgFoodPlatform insights.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/write", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "Deletes an existing AgFoodPlatform insights resource.", - "displayName": "Delete AgFoodPlatform insights resource.", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/delete", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - }, - { - "description": "List(s) existing AgFoodPlatform insight resource(s).", - "displayName": "List AgFoodPlatform insight resource(s).", - "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/list/action", - "providerDisplayName": "Microsoft AgFoodPlatform", - "providerName": "Microsoft.AgFoodPlatform" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.AgFoodPlatform/farmBeats/parties/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", - "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", - "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*", - "Microsoft.AgFoodPlatform/farmBeats/scenes/*", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*", - "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Role for SqlVM migration", "hasExternal": false, @@ -1026232,6 +1028406,198 @@ } ] }, + { + "description": "Provide access to CWUM Solution by Bayer Ag Powered Services", + "hasExternal": false, + "hasUnknown": false, + "name": "Bayer Ag Powered Services CWUM Solution", + "permittedActions": [], + "permittedDataActions": [ + { + "description": "Gets or Lists existing AgFoodPlatform parties resource(s).", + "displayName": "Get or List AgFoodPlatform parties resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform boundaries resource(s).", + "displayName": "Get or List AgFoodPlatform boundaries resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform boundaries.", + "displayName": "Create or Update AgFoodPlatform boundaries.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform farms resource(s).", + "displayName": "Get or List AgFoodPlatform farms resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform farms.", + "displayName": "Create or Update AgFoodPlatform farms.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform fields resource(s).", + "displayName": "Get or List AgFoodPlatform fields resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform fields.", + "displayName": "Create or Update AgFoodPlatform fields.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform satelliteDataIngestionJobs resource(s).", + "displayName": "Get or List AgFoodPlatform satelliteDataIngestionJobs resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform satelliteDataIngestionJobs.", + "displayName": "Create or Update AgFoodPlatform satelliteDataIngestionJobs.", + "name": "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform scenes resource(s).", + "displayName": "Get or List AgFoodPlatform scenes resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform scenes.", + "displayName": "Create or Update AgFoodPlatform scenes.", + "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Deletes an existing AgFoodPlatform scenes resource.", + "displayName": "Delete AgFoodPlatform scenes resource.", + "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/delete", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "List(s) existing AgFoodPlatform scene resource(s).", + "displayName": "List AgFoodPlatform scene resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/list/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "scenes Download", + "displayName": "scenes Download", + "name": "Microsoft.AgFoodPlatform/farmBeats/scenes/download/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform insight attachments resource(s).", + "displayName": "Get or List AgFoodPlatform insight attachments resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform insight attachments.", + "displayName": "Create or Update AgFoodPlatform insight attachments.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Deletes an existing AgFoodPlatform insight attachments resource.", + "displayName": "Delete AgFoodPlatform insight attachments resource.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/delete", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "List(s) existing AgFoodPlatform insight attachment resource(s).", + "displayName": "List AgFoodPlatform insight attachment resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/list/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "insights Download", + "displayName": "insights Download", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/download/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Gets or Lists existing AgFoodPlatform insights resource(s).", + "displayName": "Get or List AgFoodPlatform insights resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/read", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Creates or Updates AgFoodPlatform insights.", + "displayName": "Create or Update AgFoodPlatform insights.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/write", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "Deletes an existing AgFoodPlatform insights resource.", + "displayName": "Delete AgFoodPlatform insights resource.", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/delete", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + }, + { + "description": "List(s) existing AgFoodPlatform insight resource(s).", + "displayName": "List AgFoodPlatform insight resource(s).", + "name": "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/list/action", + "providerDisplayName": "Microsoft AgFoodPlatform", + "providerName": "Microsoft.AgFoodPlatform" + } + ], + "rawPermissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.AgFoodPlatform/farmBeats/parties/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/boundaries/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/farms/write", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/read", + "Microsoft.AgFoodPlatform/farmBeats/parties/fields/write", + "Microsoft.AgFoodPlatform/farmBeats/ingestionJobs/satelliteDataIngestionJobs/*", + "Microsoft.AgFoodPlatform/farmBeats/scenes/*", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insightAttachments/*", + "Microsoft.AgFoodPlatform/farmBeats/parties/models/resourceTypes/resources/insights/*" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "For internal use within Azure. Can manage Azure Front Door domains, but can't grant access to other users.", "hasExternal": false, @@ -1026293,10 +1028659,10 @@ ] }, { - "description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.", + "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Secret Reader", + "name": "Azure Front Door Secret Contributor", "permittedActions": [ { "description": null, @@ -1026312,6 +1028678,20 @@ "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, + { + "description": null, + "displayName": "write", + "name": "Microsoft.Cdn/profiles/secrets/write", + "providerDisplayName": "Microsoft.Cdn", + "providerName": "Microsoft.Cdn" + }, + { + "description": null, + "displayName": "delete", + "name": "Microsoft.Cdn/profiles/secrets/delete", + "providerDisplayName": "Microsoft.Cdn", + "providerName": "Microsoft.Cdn" + }, { "description": "Gets or lists resource groups.", "displayName": "Get Resource Group", @@ -1026326,6 +1028706,8 @@ "actions": [ "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "Microsoft.Cdn/profiles/secrets/read", + "Microsoft.Cdn/profiles/secrets/write", + "Microsoft.Cdn/profiles/secrets/delete", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1026337,36 +1028719,66 @@ ] }, { - "description": "For internal use within Azure. Can manage Azure Front Door secrets, but can't grant access to other users.", + "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Secret Contributor", + "name": "Azure Front Door Domain Reader", "permittedActions": [ { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/operationresults/profileresults/secretresults/read", + "name": "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, "displayName": "read", - "name": "Microsoft.Cdn/profiles/secrets/read", + "name": "Microsoft.Cdn/profiles/customdomains/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", + "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.Resources/subscriptions/resourceGroups/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "For internal use within Azure. Can view Azure Front Door secrets, but can't make changes.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Front Door Secret Reader", + "permittedActions": [ { "description": null, - "displayName": "write", - "name": "Microsoft.Cdn/profiles/secrets/write", + "displayName": "read", + "name": "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, { "description": null, - "displayName": "delete", - "name": "Microsoft.Cdn/profiles/secrets/delete", + "displayName": "read", + "name": "Microsoft.Cdn/profiles/secrets/read", "providerDisplayName": "Microsoft.Cdn", "providerName": "Microsoft.Cdn" }, @@ -1026384,8 +1028796,6 @@ "actions": [ "Microsoft.Cdn/operationresults/profileresults/secretresults/read", "Microsoft.Cdn/profiles/secrets/read", - "Microsoft.Cdn/profiles/secrets/write", - "Microsoft.Cdn/profiles/secrets/delete", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1026397,24 +1028807,45 @@ ] }, { - "description": "For internal use within Azure. Can view Azure Front Door domains, but can't make changes.", + "description": "Grants full access to manage backup and export resources", "hasExternal": false, "hasUnknown": false, - "name": "Azure Front Door Domain Reader", + "name": "MySQL Backup And Export Operator", "permittedActions": [ { - "description": null, - "displayName": "read", - "name": "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", - "providerDisplayName": "Microsoft.Cdn", - "providerName": "Microsoft.Cdn" + "description": "Validate that the server is ready for backup.", + "displayName": "Validate MySQL Server BackupAndExport", + "name": "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" }, { - "description": null, - "displayName": "read", - "name": "Microsoft.Cdn/profiles/customdomains/read", - "providerDisplayName": "Microsoft.Cdn", - "providerName": "Microsoft.Cdn" + "description": "Creates a server backup for long term with specific backup name and export it.", + "displayName": "Create MySQL Server LTR BackupAndExport", + "name": "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Return ResourceGroup based MySQL Server Operation Results", + "displayName": "Get MySQL ResourceGroup based Server Operation Results ", + "name": "Microsoft.DBforMySQL/locations/operationResults/read", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Return MySQL Server Operation Results", + "displayName": "Get MySQL Server Operation Results", + "name": "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", + "providerDisplayName": "Microsoft DB for MySQL", + "providerName": "Microsoft.DBforMySQL" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { "description": "Gets or lists resource groups.", @@ -1026428,8 +1028859,11 @@ "rawPermissions": [ { "actions": [ - "Microsoft.Cdn/operationresults/profileresults/customdomainresults/read", - "Microsoft.Cdn/profiles/customdomains/read", + "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", + "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", + "Microsoft.DBforMySQL/locations/operationResults/read", + "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", + "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, @@ -1026440,6 +1028874,642 @@ } ] }, + { + "description": "Allows user to create, modify, describe, or delete NGFirewalls.", + "hasExternal": true, + "hasUnknown": false, + "name": "LocalNGFirewallAdministrator role", + "permittedActions": [ + { + "description": "List FirewallResource resources by subscription ID", + "displayName": "Firewalls_ListBySubscription", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Get a FirewallResource", + "displayName": "Firewalls_Get", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Create a FirewallResource", + "displayName": "Firewalls_CreateOrUpdate", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/write", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Delete a FirewallResource", + "displayName": "Firewalls_Delete", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/delete", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Get Global Rulestack associated with the Firewall", + "displayName": "Firewalls_getGlobalRulestack", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/getGlobalRulestack/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Log Profile for Firewall", + "displayName": "Firewalls_getLogProfile", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/getLogProfile/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Log Profile for Firewall", + "displayName": "Firewalls_saveLogProfile", + "name": "PaloAltoNetworks.Cloudngfw/firewalls/saveLogProfile/action", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "List LocalRulestackResource resources by subscription ID", + "displayName": "LocalRulestacks_ListBySubscription", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Get a LocalRulestackResource", + "displayName": "LocalRulestacks_Get", + "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "List GlobalRulestackResource resources by Tenant", + "displayName": "GlobalRulestack_List", + "name": "PaloAltoNetworks.Cloudngfw/globalRulestacks/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "read operationStatuses", + "displayName": "read_operationStatuses", + "name": "PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read", + "providerDisplayName": "PaloAltoNetworks.Cloudngfw", + "providerName": "PaloAltoNetworks.Cloudngfw" + }, + { + "description": "Creates a new workspace or links to an existing workspace by providing the customer id from the existing workspace.", + "displayName": "Create Workspace", + "name": "Microsoft.OperationalInsights/workspaces/write", + "providerDisplayName": "Azure Log Analytics", + "providerName": "Microsoft.OperationalInsights" + }, + { + "description": "Retrieves the shared keys for the workspace. These keys are used to connect Microsoft Operational Insights agents to the workspace.", + "displayName": "List Workspace Shared Keys", + "name": "Microsoft.OperationalInsights/workspaces/sharedkeys/read", + "providerDisplayName": "Azure Log Analytics", + "providerName": "Microsoft.OperationalInsights" + }, + { + "description": "Gets an existing workspace", + "displayName": "Get Workspace", + "name": "Microsoft.OperationalInsights/workspaces/read", + "providerDisplayName": "Azure Log Analytics", + "providerName": "Microsoft.OperationalInsights" + }, + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read metrics", + "displayName": "Read metrics", + "name": "Microsoft.Insights/Metrics/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read metric definitions", + "displayName": "Read metric definitions", + "name": "Microsoft.Insights/MetricDefinitions/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the availability statuses for all resources in the specified scope", + "displayName": "Get Availability Statuses", + "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", + "providerDisplayName": "Microsoft ResourceHealth", + "providerName": "Microsoft.ResourceHealth" + }, + { + "description": "Registers Support Resource Provider", + "displayName": "Registers Support Resource Provider", + "name": "Microsoft.Support/register/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Looks up resource Id for resource type", + "displayName": "Look Up Resource Id", + "name": "Microsoft.Support/lookUpResourceId/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Checks that name is valid and not in use for resource type", + "displayName": "Check Name Availability", + "name": "Microsoft.Support/checkNameAvailability/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists one or all support tickets", + "displayName": "Reads Support Ticket", + "name": "Microsoft.Support/supportTickets/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Allows creating and updating a support ticket", + "displayName": "Writes Support Ticket", + "name": "Microsoft.Support/supportTickets/write", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists one or all Azure services available for support", + "displayName": "Reads Services", + "name": "Microsoft.Support/services/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists one or all problem classifications for an Azure service", + "displayName": "Reads Problem Classifications", + "name": "Microsoft.Support/services/problemClassifications/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Gets the result of the asynchronous operation", + "displayName": "Get Operation Result", + "name": "Microsoft.Support/operationresults/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Gets the status of the asynchronous operation", + "displayName": "Get Operation Status", + "name": "Microsoft.Support/operationsstatus/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Lists all operations available on Microsoft.Support resource provider", + "displayName": "Lists operations", + "name": "Microsoft.Support/operations/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" + }, + { + "description": "Get the virtual network definition", + "displayName": "Get Virtual Network", + "name": "Microsoft.Network/virtualNetworks/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a virtual network. Not Alertable.", + "displayName": "Join Virtual Network.", + "name": "Microsoft.Network/virtualNetworks/subnets/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a public Ip address or updates an existing public Ip address. ", + "displayName": "Create or Update Public Ip Address", + "name": "Microsoft.Network/publicIPAddresses/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a public ip address definition.", + "displayName": "Get Public Ip Address", + "name": "Microsoft.Network/publicIPAddresses/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a public ip address. Not Alertable.", + "displayName": "Join Public Ip Address.", + "name": "Microsoft.Network/publicIPAddresses/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get a Network Virtual Appliance", + "displayName": "Get a Network Virtual Appliance", + "name": "Microsoft.Network/networkVirtualAppliances/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Create or update a Network Virtual Appliance", + "displayName": "Create or update a Network Virtual Appliance", + "name": "Microsoft.Network/networkVirtualAppliances/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Delete a Network Virtual Appliance", + "displayName": "Delete a Network Virtual Appliance", + "name": "Microsoft.Network/networkVirtualAppliances/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get a Virtual Hub", + "displayName": "Get a Virtual Hub", + "name": "Microsoft.Network/virtualHubs/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get a Virtual Wan", + "displayName": "Get a Virtual Wan", + "name": "Microsoft.Network/virtualWans/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets all Virtual Hubs that reference a Virtual Wan.", + "displayName": "Gets all Virtual Hubs that reference a Virtual Wan.", + "name": "Microsoft.Network/virtualWans/virtualHubs/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a network security group definition", + "displayName": "Get Network Security Group", + "name": "Microsoft.Network/networkSecurityGroups/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a network security group. Not Alertable.", + "displayName": "Join Network Security Group.", + "name": "Microsoft.Network/networkSecurityGroups/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "PaloAltoNetworks.Cloudngfw/firewalls/*", + "PaloAltoNetworks.Cloudngfw/localRulestacks/read", + "PaloAltoNetworks.Cloudngfw/globalRulestacks/read", + "PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read", + "Microsoft.OperationalInsights/workspaces/write", + "Microsoft.OperationalInsights/workspaces/sharedKeys/read", + "Microsoft.OperationalInsights/workspaces/read", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Insights/metrics/read", + "Microsoft.Insights/metricDefinitions/read", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Support/*", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/networkVirtualAppliances/read", + "Microsoft.Network/networkVirtualAppliances/write", + "Microsoft.Network/networkVirtualAppliances/delete", + "Microsoft.Network/virtualHubs/read", + "Microsoft.Network/virtualWans/read", + "Microsoft.Network/virtualWans/virtualHubs/read", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/join/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Grants full access to the cluster and its resources, including the ability to register Azure Stack HCI and assign others as Azure Arc HCI VM Contributor and/or Azure Arc HCI VM Reader", "hasExternal": false, @@ -1028278,710 +1031348,6 @@ } ] }, - { - "description": "Grants full access to manage backup and export resources", - "hasExternal": false, - "hasUnknown": false, - "name": "MySQL Backup And Export Operator", - "permittedActions": [ - { - "description": "Validate that the server is ready for backup.", - "displayName": "Validate MySQL Server BackupAndExport", - "name": "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Creates a server backup for long term with specific backup name and export it.", - "displayName": "Create MySQL Server LTR BackupAndExport", - "name": "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Return ResourceGroup based MySQL Server Operation Results", - "displayName": "Get MySQL ResourceGroup based Server Operation Results ", - "name": "Microsoft.DBforMySQL/locations/operationResults/read", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Return MySQL Server Operation Results", - "displayName": "Get MySQL Server Operation Results", - "name": "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", - "providerDisplayName": "Microsoft DB for MySQL", - "providerName": "Microsoft.DBforMySQL" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.DBforMySQL/flexibleServers/validateBackup/action", - "Microsoft.DBforMySQL/flexibleServers/backupAndExport/action", - "Microsoft.DBforMySQL/locations/operationResults/read", - "Microsoft.DBforMySQL/locations/azureAsyncOperation/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Allows user to create, modify, describe, or delete NGFirewalls.", - "hasExternal": true, - "hasUnknown": false, - "name": "LocalNGFirewallAdministrator role", - "permittedActions": [ - { - "description": "List FirewallResource resources by subscription ID", - "displayName": "Firewalls_ListBySubscription", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get a FirewallResource", - "displayName": "Firewalls_Get", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Create a FirewallResource", - "displayName": "Firewalls_CreateOrUpdate", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/write", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Delete a FirewallResource", - "displayName": "Firewalls_Delete", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/delete", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get Global Rulestack associated with the Firewall", - "displayName": "Firewalls_getGlobalRulestack", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/getGlobalRulestack/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Log Profile for Firewall", - "displayName": "Firewalls_getLogProfile", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/getLogProfile/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Log Profile for Firewall", - "displayName": "Firewalls_saveLogProfile", - "name": "PaloAltoNetworks.Cloudngfw/firewalls/saveLogProfile/action", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List LocalRulestackResource resources by subscription ID", - "displayName": "LocalRulestacks_ListBySubscription", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Get a LocalRulestackResource", - "displayName": "LocalRulestacks_Get", - "name": "PaloAltoNetworks.Cloudngfw/localRulestacks/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "List GlobalRulestackResource resources by Tenant", - "displayName": "GlobalRulestack_List", - "name": "PaloAltoNetworks.Cloudngfw/globalRulestacks/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "read operationStatuses", - "displayName": "read_operationStatuses", - "name": "PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read", - "providerDisplayName": "PaloAltoNetworks.Cloudngfw", - "providerName": "PaloAltoNetworks.Cloudngfw" - }, - { - "description": "Creates a new workspace or links to an existing workspace by providing the customer id from the existing workspace.", - "displayName": "Create Workspace", - "name": "Microsoft.OperationalInsights/workspaces/write", - "providerDisplayName": "Azure Log Analytics", - "providerName": "Microsoft.OperationalInsights" - }, - { - "description": "Retrieves the shared keys for the workspace. These keys are used to connect Microsoft Operational Insights agents to the workspace.", - "displayName": "List Workspace Shared Keys", - "name": "Microsoft.OperationalInsights/workspaces/sharedkeys/read", - "providerDisplayName": "Azure Log Analytics", - "providerName": "Microsoft.OperationalInsights" - }, - { - "description": "Gets an existing workspace", - "displayName": "Get Workspace", - "name": "Microsoft.OperationalInsights/workspaces/read", - "providerDisplayName": "Azure Log Analytics", - "providerName": "Microsoft.OperationalInsights" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read metrics", - "displayName": "Read metrics", - "name": "Microsoft.Insights/Metrics/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read metric definitions", - "displayName": "Read metric definitions", - "name": "Microsoft.Insights/MetricDefinitions/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the availability statuses for all resources in the specified scope", - "displayName": "Get Availability Statuses", - "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", - "providerDisplayName": "Microsoft ResourceHealth", - "providerName": "Microsoft.ResourceHealth" - }, - { - "description": "Registers Support Resource Provider", - "displayName": "Registers Support Resource Provider", - "name": "Microsoft.Support/register/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Looks up resource Id for resource type", - "displayName": "Look Up Resource Id", - "name": "Microsoft.Support/lookUpResourceId/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Checks that name is valid and not in use for resource type", - "displayName": "Check Name Availability", - "name": "Microsoft.Support/checkNameAvailability/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all support tickets", - "displayName": "Reads Support Ticket", - "name": "Microsoft.Support/supportTickets/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Allows creating and updating a support ticket", - "displayName": "Writes Support Ticket", - "name": "Microsoft.Support/supportTickets/write", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all Azure services available for support", - "displayName": "Reads Services", - "name": "Microsoft.Support/services/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists one or all problem classifications for an Azure service", - "displayName": "Reads Problem Classifications", - "name": "Microsoft.Support/services/problemClassifications/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Gets the result of the asynchronous operation", - "displayName": "Get Operation Result", - "name": "Microsoft.Support/operationresults/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Gets the status of the asynchronous operation", - "displayName": "Get Operation Status", - "name": "Microsoft.Support/operationsstatus/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Lists all operations available on Microsoft.Support resource provider", - "displayName": "Lists operations", - "name": "Microsoft.Support/operations/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" - }, - { - "description": "Get the virtual network definition", - "displayName": "Get Virtual Network", - "name": "Microsoft.Network/virtualNetworks/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a virtual network. Not Alertable.", - "displayName": "Join Virtual Network.", - "name": "Microsoft.Network/virtualNetworks/subnets/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a public Ip address or updates an existing public Ip address. ", - "displayName": "Create or Update Public Ip Address", - "name": "Microsoft.Network/publicIPAddresses/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a public ip address definition.", - "displayName": "Get Public Ip Address", - "name": "Microsoft.Network/publicIPAddresses/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a public ip address. Not Alertable.", - "displayName": "Join Public Ip Address.", - "name": "Microsoft.Network/publicIPAddresses/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Get a Network Virtual Appliance", - "displayName": "Get a Network Virtual Appliance", - "name": "Microsoft.Network/networkVirtualAppliances/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Create or update a Network Virtual Appliance", - "displayName": "Create or update a Network Virtual Appliance", - "name": "Microsoft.Network/networkVirtualAppliances/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Delete a Network Virtual Appliance", - "displayName": "Delete a Network Virtual Appliance", - "name": "Microsoft.Network/networkVirtualAppliances/delete", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Get a Virtual Hub", - "displayName": "Get a Virtual Hub", - "name": "Microsoft.Network/virtualHubs/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Get a Virtual Wan", - "displayName": "Get a Virtual Wan", - "name": "Microsoft.Network/virtualWans/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets all Virtual Hubs that reference a Virtual Wan.", - "displayName": "Gets all Virtual Hubs that reference a Virtual Wan.", - "name": "Microsoft.Network/virtualWans/virtualHubs/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a network security group definition", - "displayName": "Get Network Security Group", - "name": "Microsoft.Network/networkSecurityGroups/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a network security group. Not Alertable.", - "displayName": "Join Network Security Group.", - "name": "Microsoft.Network/networkSecurityGroups/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "PaloAltoNetworks.Cloudngfw/firewalls/*", - "PaloAltoNetworks.Cloudngfw/localRulestacks/read", - "PaloAltoNetworks.Cloudngfw/globalRulestacks/read", - "PaloAltoNetworks.Cloudngfw/Locations/operationStatuses/read", - "Microsoft.OperationalInsights/workspaces/write", - "Microsoft.OperationalInsights/workspaces/sharedKeys/read", - "Microsoft.OperationalInsights/workspaces/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Insights/metrics/read", - "Microsoft.Insights/metricDefinitions/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Support/*", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/publicIPAddresses/write", - "Microsoft.Network/publicIPAddresses/read", - "Microsoft.Network/publicIPAddresses/join/action", - "Microsoft.Network/networkVirtualAppliances/read", - "Microsoft.Network/networkVirtualAppliances/write", - "Microsoft.Network/networkVirtualAppliances/delete", - "Microsoft.Network/virtualHubs/read", - "Microsoft.Network/virtualWans/read", - "Microsoft.Network/virtualWans/virtualHubs/read", - "Microsoft.Network/networkSecurityGroups/read", - "Microsoft.Network/networkSecurityGroups/join/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Allows users to create, modify, describe, or delete Rulestacks.", "hasExternal": true, @@ -1029740,148 +1032106,302 @@ ] }, { - "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", + "description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.", "hasExternal": false, "hasUnknown": false, - "name": "API Management Service Workspace API Product Manager", + "name": "API Management Workspace Reader", "permittedActions": [ { - "description": "Lists a collection of registered users in the specified service instance. or Gets the details of the user specified by its identifier.", - "displayName": "Get users list or Get user details", - "name": "Microsoft.ApiManagement/service/users/read", + "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", + "displayName": "Get all named values or Get named value details", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists all APIs of the API Management service instance. or Gets the details of the API specified by its identifier.", + "displayName": "Get API list or Get API details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", + "displayName": "Get API operations or Get API operation details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", + "displayName": "Get API Operation policies or Get API operation policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", + "displayName": "Get API policies or Get API policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", + "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get the document describing the Schema", + "displayName": "Get the document for the schema", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", + "displayName": "Get version set list or Get versionSet details", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get list of version entities", + "displayName": "Get VersionSet version entity list", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/versions/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", + "displayName": "Get subscriptions list or Get subscripiton details", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", + "displayName": "Get product list or Get product details", + "name": "Microsoft.ApiManagement/service/workspaces/products/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", + "displayName": "Get Product policies or Get Product policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/products/policies/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", + "displayName": "Get Workspace policies or Get Workspace policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/policies/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", + "displayName": "Get links or Get product-group details", + "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", + "displayName": "Get links or Get product-API details", + "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", "displayName": "Get Tags list or Tag details", - "name": "Microsoft.ApiManagement/service/tags/read", + "name": "Microsoft.ApiManagement/service/workspaces/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", "displayName": "Get links or Get Tag-API details", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/read", + "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Tag-API link.", - "displayName": "Create Tag-API link", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/write", + "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", + "displayName": "Get links or Get Tag-product details", + "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete Tag-API link.", - "displayName": "Remove Tag-API link", - "name": "Microsoft.ApiManagement/service/tags/apiLinks/delete", + "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", + "displayName": "Get links or Get Tag-operation details", + "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", - "displayName": "Get links or Get Tag-operation details", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/read", + "description": "Gets the list of the Notification Recipient User subscribed to the notification.", + "displayName": "Get recipient users for the Notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Tag-operation link.", - "displayName": "Create Tag-operation link", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/write", + "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", + "displayName": "Get Email Recipients associated with Publisher Notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete Tag-operation link.", - "displayName": "Remove Tag-operation link", - "name": "Microsoft.ApiManagement/service/tags/operationLinks/delete", + "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", + "displayName": "Get schemas list or Get schema details", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", - "displayName": "Get links or Get Tag-product details", - "name": "Microsoft.ApiManagement/service/tags/productLinks/read", + "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", + "displayName": "Get revisions for an API or Get API release details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a Tag-product link.", - "displayName": "Create Tag-product link", - "name": "Microsoft.ApiManagement/service/tags/productLinks/write", + "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", + "displayName": "Get tags associated with the Operation or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete Tag-product link.", - "displayName": "Remove Tag-product link", - "name": "Microsoft.ApiManagement/service/tags/productLinks/delete", + "description": "Lists all revisions of an API.", + "displayName": "Get revisions for an API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/revisions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", - "displayName": "Get product list or Get product details", - "name": "Microsoft.ApiManagement/service/products/read", + "description": "Lists all Products, which the API is part of.", + "displayName": "Get products associated with the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/products/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", - "displayName": "Get links or Get product-API details", - "name": "Microsoft.ApiManagement/service/products/apiLinks/read", + "description": "Lists all Tags associated with the API. or Get tag associated with the API.", + "displayName": "Get tags associated with the API or Get Tag associated with API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a product-API link.", - "displayName": "Create product-API link", - "name": "Microsoft.ApiManagement/service/products/apiLinks/write", + "description": "Lists a collection of operations associated with tags.", + "displayName": "Get Operation-Tag associations list", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operationsByTags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Delete product-API link.", - "displayName": "Remove product-API link", - "name": "Microsoft.ApiManagement/service/products/apiLinks/delete", + "description": "Lists a collection of the APIs associated with a product.", + "displayName": "Get product APIs list", + "name": "Microsoft.ApiManagement/service/workspaces/products/apis/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists the collection of developer groups associated with the specified product.", + "displayName": "Get product groups list", + "name": "Microsoft.ApiManagement/service/workspaces/products/groups/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists the collection of subscriptions to the specified product.", + "displayName": "Get product subscriptions list", + "name": "Microsoft.ApiManagement/service/workspaces/products/subscriptions/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists all Tags associated with the Product. or Get tag associated with the Product.", + "displayName": "Get product tags or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/products/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", "displayName": "Get groups list or Get group details", - "name": "Microsoft.ApiManagement/service/groups/read", + "name": "Microsoft.ApiManagement/service/workspaces/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { "description": "Lists a collection of user entities associated with the group.", "displayName": "Get group users list", - "name": "Microsoft.ApiManagement/service/groups/users/read", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Add existing user to existing group", - "displayName": "Add user to group", - "name": "Microsoft.ApiManagement/service/groups/users/write", + "description": "Gets all policy fragments. or Gets a policy fragment.", + "displayName": "Get policy fragments or Get policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Remove existing user from existing group.", - "displayName": "Remove user from group", - "name": "Microsoft.ApiManagement/service/groups/users/delete", + "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", + "displayName": "Get all publisher notifications or Get publisher notification details", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Read metadata for an API Management Service instance", - "displayName": "Read metadata for an API Management Service instance", - "name": "Microsoft.ApiManagement/service/read", + "description": "Lists all Documentations of the API Management service instance. or Gets the details of the documentation specified by its identifier.", + "displayName": "Get documentations list or Get documentation details", + "name": "Microsoft.ApiManagement/service/workspaces/documentations/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", + "displayName": "Get certificates list or Get cerificate details", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", + "displayName": "Get loggers list or Get logger details", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", + "displayName": "Get diagnostics list or Get diagnostic details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", + "displayName": "Get list of backend or Get backend details", + "name": "Microsoft.ApiManagement/service/workspaces/backends/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", + "displayName": "Get diagnostics list or Get diagnostic details", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1030079,16 +1032599,7 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ApiManagement/service/users/read", - "Microsoft.ApiManagement/service/tags/read", - "Microsoft.ApiManagement/service/tags/apiLinks/*", - "Microsoft.ApiManagement/service/tags/operationLinks/*", - "Microsoft.ApiManagement/service/tags/productLinks/*", - "Microsoft.ApiManagement/service/products/read", - "Microsoft.ApiManagement/service/products/apiLinks/*", - "Microsoft.ApiManagement/service/groups/read", - "Microsoft.ApiManagement/service/groups/users/*", - "Microsoft.ApiManagement/service/read", + "Microsoft.ApiManagement/service/workspaces/*/read", "Microsoft.Authorization/*/read" ], "condition": null, @@ -1030100,10 +1032611,10 @@ ] }, { - "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", + "description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.", "hasExternal": false, "hasUnknown": false, - "name": "API Management Workspace API Developer", + "name": "API Management Workspace API Product Manager", "permittedActions": [ { "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", @@ -1030399,300 +1032910,6 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, - { - "description": "Lists all APIs of the API Management service instance. or Gets the details of the API specified by its identifier.", - "displayName": "Get API list or Get API details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates new or updates existing specified API of the API Management service instance. or Updates the specified API of the API Management service instance.", - "displayName": "Create API or Update API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the specified API of the API Management service instance.", - "displayName": "Remove API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", - "displayName": "Get API operations or Get API operation details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates a new operation in the API or updates an existing one. or Updates the details of the operation in the API specified by its identifier.", - "displayName": "Create API operation or Update API operation", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the specified operation in the API.", - "displayName": "Remove API operation", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", - "displayName": "Get API Operation policies or Get API operation policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates policy configuration for the API Operation level.", - "displayName": "Set API operation policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the policy configuration at the Api Operation.", - "displayName": "Remove API Operation policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", - "displayName": "Get API policies or Get API policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates policy configuration for the API.", - "displayName": "Set API policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the policy configuration at the Api.", - "displayName": "Remove API policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", - "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates schema configuration for the API.", - "displayName": "Sets schema used by the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the schema configuration at the Api.", - "displayName": "Removes schema for the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get the document describing the Schema", - "displayName": "Get the document for the schema", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Update the document describing the Schema", - "displayName": "Update the document for the schema", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", - "displayName": "Get revisions for an API or Get API release details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Removes all releases of the API or Deletes the specified release in the API.", - "displayName": "Removes all releases of the API or Delete API release", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates a new Release for the API. or Updates the details of the release of the API specified by its identifier.", - "displayName": "Create API release or Update API release", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", - "displayName": "Get tags associated with the Operation or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Assign tag to the Operation.", - "displayName": "Associate Tag with Operation", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Detach the tag from the Operation.", - "displayName": "Delete Tag with Operation association", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all revisions of an API.", - "displayName": "Get revisions for an API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/revisions/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all Products, which the API is part of.", - "displayName": "Get products associated with the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/products/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all Tags associated with the API. or Get tag associated with the API.", - "displayName": "Get tags associated with the API or Get Tag associated with API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Assign tag to the Api.", - "displayName": "Add Tag", - "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Detach the tag from the Api.", - "displayName": "Remove Tag", - "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of operations associated with tags.", - "displayName": "Get Operation-Tag associations list", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operationsByTags/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", - "displayName": "Get diagnostics list or Get diagnostic details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates a new Diagnostic for an API or updates an existing one. or Updates the details of the Diagnostic for an API specified by its identifier.", - "displayName": "Add diagnostic or Update diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the specified Diagnostic from an API.", - "displayName": "Remove diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", - "displayName": "Get version set list or Get versionSet details", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Api Version Set. or Updates the details of the Api VersionSet specified by its identifier.", - "displayName": "Create VersionSet or Update VersionSet", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes specific Api Version Set.", - "displayName": "Remove VersionSet", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get list of version entities", - "displayName": "Get VersionSet version entity list", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/versions/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", - "displayName": "Get Workspace policies or Get Workspace policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/policies/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates policy configuration for the Workspace.", - "displayName": "Set Workspace policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/policies/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the policy configuration at the Workspace.", - "displayName": "Remove Workspace policy configuration from policies", - "name": "Microsoft.ApiManagement/service/workspaces/policies/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", - "displayName": "Get schemas list or Get schema details", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates an Schema to be used in Api Management instance.", - "displayName": "Create schema", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes specific Schema.", - "displayName": "Remove schema", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, { "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", "displayName": "Get product list or Get product details", @@ -1030848,65 +1033065,86 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets all policy fragments. or Gets a policy fragment.", - "displayName": "Get policy fragments or Get policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/read", + "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", + "displayName": "Get subscriptions list or Get subscripiton details", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates a policy fragment.", - "displayName": "Set policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/write", + "description": "Creates or updates the subscription of specified user to the specified product. or Updates the details of a subscription specified by its identifier.", + "displayName": "Subscribe to product or Update subscription", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes a policy fragment.", - "displayName": "Delete policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/delete", + "description": "Deletes the specified subscription.", + "displayName": "Delete subscription", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists policy resources that reference the policy fragment.", - "displayName": "List policy fragment references", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/listReferences/action", + "description": "Regenerates primary key of existing subscription of the API Management service instance.", + "displayName": "Regenerate subscription PK", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regeneratePrimaryKey/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", - "displayName": "Get all named values or Get named value details", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/read", + "description": "Regenerates secondary key of existing subscription of the API Management service instance.", + "displayName": "Regenerate subscription SK", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regenerateSecondaryKey/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or updates named value. or Updates the specific named value.", - "displayName": "Create named value or Update named value", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/write", + "description": "Gets the specified Subscription keys.", + "displayName": "Get subscripiton keys", + "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/listSecrets/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific named value from the API Management service instance.", - "displayName": "Remove named value", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/delete", + "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", + "displayName": "Get groups list or Get group details", + "name": "Microsoft.ApiManagement/service/workspaces/groups/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the secret of the named value specified by its identifier.", - "displayName": "Get the value", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/listValue/action", + "description": "Creates or Updates a group. or Updates the details of the group specified by its identifier.", + "displayName": "Create group or Update group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Refreshes named value by fetching it from Key Vault.", - "displayName": "Refresh certificate from KeyVault", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/refreshSecret/action", + "description": "Deletes specific group of the API Management service instance.", + "displayName": "Remove group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of user entities associated with the group.", + "displayName": "Get group users list", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Add existing user to existing group", + "displayName": "Add user to group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Remove existing user from existing group.", + "displayName": "Remove user from group", + "name": "Microsoft.ApiManagement/service/workspaces/groups/users/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1030995,100 +1033233,65 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", - "displayName": "Get list of backend or Get backend details", - "name": "Microsoft.ApiManagement/service/workspaces/backends/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or Updates a Api Version Set. or Updates the details of the backend specified by its identifier.", - "displayName": "Add Backend or Update backend", - "name": "Microsoft.ApiManagement/service/workspaces/backends/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes specific Api Version Set.", - "displayName": "Remove backend", - "name": "Microsoft.ApiManagement/service/workspaces/backends/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Notifies the APIM proxy to create a new connection to the backend after the specified timeout. If no timeout was specified, timeout of 2 minutes is used.", - "displayName": "Create Request", - "name": "Microsoft.ApiManagement/service/workspaces/backends/reconnect/action", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", - "displayName": "Get certificates list or Get cerificate details", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates the certificate being used for authentication with the backend.", - "displayName": "Add certificate", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/write", + "description": "Sends notification to a specified user", + "displayName": "Send notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific certificate.", - "displayName": "Remove certificate", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/delete", + "description": "Gets the list of the Notification Recipient User subscribed to the notification.", + "displayName": "Get recipient users for the Notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Refreshes certificate by fetching it from Key Vault.", - "displayName": "Refresh certificate from KeyVault", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/refreshSecret/action", + "description": "Adds the API Management User to the list of Recipients for the Notification.", + "displayName": "Add user to notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", - "displayName": "Get diagnostics list or Get diagnostic details", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/read", + "description": "Removes the API Management user from the list of Notification.", + "displayName": "Removes user from notification recipients", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates a new Diagnostic for a workspace or updates an existing one. or Updates the details of the Diagnostic for a workspace specified by its identifier.", - "displayName": "Add diagnostic or Update diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/write", + "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", + "displayName": "Get Email Recipients associated with Publisher Notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified Diagnostic from a workspace.", - "displayName": "Remove diagnostic", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/delete", + "description": "Adds the Email address to the list of Recipients for the Notification.", + "displayName": "Create new email recipient", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", - "displayName": "Get loggers list or Get logger details", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/read", + "description": "Removes the email from the list of Notification.", + "displayName": "Removes email associated with notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a logger. or Updates an existing logger.", - "displayName": "Add logger or Update logger", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/write", + "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", + "displayName": "Get all publisher notifications or Get publisher notification details", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes the specified logger.", - "displayName": "Remove logger", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/delete", + "description": "Create or Update API Management publisher notification.", + "displayName": "Create publisher notification", + "name": "Microsoft.ApiManagement/service/workspaces/notifications/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1031287,18 +1033490,11 @@ { "actions": [ "Microsoft.ApiManagement/service/workspaces/*/read", - "Microsoft.ApiManagement/service/workspaces/apis/*", - "Microsoft.ApiManagement/service/workspaces/apiVersionSets/*", - "Microsoft.ApiManagement/service/workspaces/policies/*", - "Microsoft.ApiManagement/service/workspaces/schemas/*", "Microsoft.ApiManagement/service/workspaces/products/*", - "Microsoft.ApiManagement/service/workspaces/policyFragments/*", - "Microsoft.ApiManagement/service/workspaces/namedValues/*", + "Microsoft.ApiManagement/service/workspaces/subscriptions/*", + "Microsoft.ApiManagement/service/workspaces/groups/*", "Microsoft.ApiManagement/service/workspaces/tags/*", - "Microsoft.ApiManagement/service/workspaces/backends/*", - "Microsoft.ApiManagement/service/workspaces/certificates/*", - "Microsoft.ApiManagement/service/workspaces/diagnostics/*", - "Microsoft.ApiManagement/service/workspaces/loggers/*", + "Microsoft.ApiManagement/service/workspaces/notifications/*", "Microsoft.Authorization/*/read" ], "condition": null, @@ -1031310,10 +1033506,10 @@ ] }, { - "description": "Has read-only access to entities in the workspace. This role should be assigned on the workspace scope.", + "description": "Has read access to entities in the workspace and read and write access to entities for editing APIs. This role should be assigned on the workspace scope.", "hasExternal": false, "hasUnknown": false, - "name": "API Management Workspace Reader", + "name": "API Management Workspace API Developer", "permittedActions": [ { "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", @@ -1031609,224 +1033805,6 @@ "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ApiManagement/service/workspaces/*/read", - "Microsoft.Authorization/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Has read access to entities in the workspace and read and write access to entities for publishing APIs. This role should be assigned on the workspace scope.", - "hasExternal": false, - "hasUnknown": false, - "name": "API Management Workspace API Product Manager", - "permittedActions": [ - { - "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", - "displayName": "Get all named values or Get named value details", - "name": "Microsoft.ApiManagement/service/workspaces/namedValues/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, { "description": "Lists all APIs of the API Management service instance. or Gets the details of the API specified by its identifier.", "displayName": "Get API list or Get API details", @@ -1031835,156 +1033813,156 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", - "displayName": "Get API operations or Get API operation details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/read", + "description": "Creates new or updates existing specified API of the API Management service instance. or Updates the specified API of the API Management service instance.", + "displayName": "Create API or Update API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", - "displayName": "Get API Operation policies or Get API operation policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/read", + "description": "Deletes the specified API of the API Management service instance.", + "displayName": "Remove API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", - "displayName": "Get API policies or Get API policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/read", + "description": "Lists a collection of the operations for the specified API. or Gets the details of the API Operation specified by its identifier.", + "displayName": "Get API operations or Get API operation details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", - "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/read", + "description": "Creates a new operation in the API or updates an existing one. or Updates the details of the operation in the API specified by its identifier.", + "displayName": "Create API operation or Update API operation", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the document describing the Schema", - "displayName": "Get the document for the schema", - "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/read", + "description": "Deletes the specified operation in the API.", + "displayName": "Remove API operation", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", - "displayName": "Get version set list or Get versionSet details", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/read", + "description": "Get the list of policy configuration at the API Operation level. or Get the policy configuration at the API Operation level.", + "displayName": "Get API Operation policies or Get API operation policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get list of version entities", - "displayName": "Get VersionSet version entity list", - "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/versions/read", + "description": "Creates or updates policy configuration for the API Operation level.", + "displayName": "Set API operation policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", - "displayName": "Get subscriptions list or Get subscripiton details", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", + "description": "Deletes the policy configuration at the Api Operation.", + "displayName": "Remove API Operation policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/policies/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", - "displayName": "Get product list or Get product details", - "name": "Microsoft.ApiManagement/service/workspaces/products/read", + "description": "Get the policy configuration at the API level. or Get the policy configuration at the API level.", + "displayName": "Get API policies or Get API policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the policy configuration at the Product level. or Get the policy configuration at the Product level.", - "displayName": "Get Product policies or Get Product policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/products/policies/read", + "description": "Creates or updates policy configuration for the API.", + "displayName": "Set API policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", - "displayName": "Get Workspace policies or Get Workspace policy configuration", - "name": "Microsoft.ApiManagement/service/workspaces/policies/read", + "description": "Deletes the policy configuration at the Api.", + "displayName": "Remove API policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/apis/policies/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of product-group links in the specified service instance. or Get product-group details.", - "displayName": "Get links or Get product-group details", - "name": "Microsoft.ApiManagement/service/workspaces/products/groupLinks/read", + "description": "Get the schema configuration at the API level. or Get the schema configuration at the API level.", + "displayName": "Gets the schemas stored for a given API or Gets schemas for the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", - "displayName": "Get links or Get product-API details", - "name": "Microsoft.ApiManagement/service/workspaces/products/apiLinks/read", + "description": "Creates or updates schema configuration for the API.", + "displayName": "Sets schema used by the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", - "displayName": "Get Tags list or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/read", + "description": "Deletes the schema configuration at the Api.", + "displayName": "Removes schema for the API", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", - "displayName": "Get links or Get Tag-API details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/apiLinks/read", + "description": "Get the document describing the Schema", + "displayName": "Get the document for the schema", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", - "displayName": "Get links or Get Tag-product details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/productLinks/read", + "description": "Update the document describing the Schema", + "displayName": "Update the document for the schema", + "name": "Microsoft.ApiManagement/service/workspaces/apis/schemas/document/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", - "displayName": "Get links or Get Tag-operation details", - "name": "Microsoft.ApiManagement/service/workspaces/tags/operationLinks/read", + "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", + "displayName": "Get revisions for an API or Get API release details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the list of the Notification Recipient User subscribed to the notification.", - "displayName": "Get recipient users for the Notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/read", + "description": "Removes all releases of the API or Deletes the specified release in the API.", + "displayName": "Removes all releases of the API or Delete API release", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", - "displayName": "Get Email Recipients associated with Publisher Notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/read", + "description": "Creates a new Release for the API. or Updates the details of the release of the API specified by its identifier.", + "displayName": "Create API release or Update API release", + "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", - "displayName": "Get schemas list or Get schema details", - "name": "Microsoft.ApiManagement/service/workspaces/schemas/read", + "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", + "displayName": "Get tags associated with the Operation or Tag details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all releases of an API. An API release is created when making an API Revision current. Releases are also used to rollback to previous revisions. Results will be paged and can be constrained by the $top and $skip parameters. or Returns the details of an API release.", - "displayName": "Get revisions for an API or Get API release details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/releases/read", + "description": "Assign tag to the Operation.", + "displayName": "Associate Tag with Operation", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all Tags associated with the Operation. or Get tag associated with the Operation.", - "displayName": "Get tags associated with the Operation or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/read", + "description": "Detach the tag from the Operation.", + "displayName": "Delete Tag with Operation association", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operations/tags/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1032010,107 +1033988,114 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of operations associated with tags.", - "displayName": "Get Operation-Tag associations list", - "name": "Microsoft.ApiManagement/service/workspaces/apis/operationsByTags/read", + "description": "Assign tag to the Api.", + "displayName": "Add Tag", + "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of the APIs associated with a product.", - "displayName": "Get product APIs list", - "name": "Microsoft.ApiManagement/service/workspaces/products/apis/read", + "description": "Detach the tag from the Api.", + "displayName": "Remove Tag", + "name": "Microsoft.ApiManagement/service/workspaces/apis/tags/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists the collection of developer groups associated with the specified product.", - "displayName": "Get product groups list", - "name": "Microsoft.ApiManagement/service/workspaces/products/groups/read", + "description": "Lists a collection of operations associated with tags.", + "displayName": "Get Operation-Tag associations list", + "name": "Microsoft.ApiManagement/service/workspaces/apis/operationsByTags/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists the collection of subscriptions to the specified product.", - "displayName": "Get product subscriptions list", - "name": "Microsoft.ApiManagement/service/workspaces/products/subscriptions/read", + "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", + "displayName": "Get diagnostics list or Get diagnostic details", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all Tags associated with the Product. or Get tag associated with the Product.", - "displayName": "Get product tags or Tag details", - "name": "Microsoft.ApiManagement/service/workspaces/products/tags/read", + "description": "Creates a new Diagnostic for an API or updates an existing one. or Updates the details of the Diagnostic for an API specified by its identifier.", + "displayName": "Add diagnostic or Update diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", - "displayName": "Get groups list or Get group details", - "name": "Microsoft.ApiManagement/service/workspaces/groups/read", + "description": "Deletes the specified Diagnostic from an API.", + "displayName": "Remove diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of user entities associated with the group.", - "displayName": "Get group users list", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", + "description": "Lists a collection of API Version Sets in the specified service instance. or Gets the details of the Api Version Set specified by its identifier.", + "displayName": "Get version set list or Get versionSet details", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets all policy fragments. or Gets a policy fragment.", - "displayName": "Get policy fragments or Get policy fragment", - "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/read", + "description": "Creates or Updates a Api Version Set. or Updates the details of the Api VersionSet specified by its identifier.", + "displayName": "Create VersionSet or Update VersionSet", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", - "displayName": "Get all publisher notifications or Get publisher notification details", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", + "description": "Deletes specific Api Version Set.", + "displayName": "Remove VersionSet", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all Documentations of the API Management service instance. or Gets the details of the documentation specified by its identifier.", - "displayName": "Get documentations list or Get documentation details", - "name": "Microsoft.ApiManagement/service/workspaces/documentations/read", + "description": "Get list of version entities", + "displayName": "Get VersionSet version entity list", + "name": "Microsoft.ApiManagement/service/workspaces/apiVersionSets/versions/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", - "displayName": "Get certificates list or Get cerificate details", - "name": "Microsoft.ApiManagement/service/workspaces/certificates/read", + "description": "Get the policy configuration at the Workspace level. or Get the policy configuration at the Workspace level.", + "displayName": "Get Workspace policies or Get Workspace policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/policies/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", - "displayName": "Get loggers list or Get logger details", - "name": "Microsoft.ApiManagement/service/workspaces/loggers/read", + "description": "Creates or updates policy configuration for the Workspace.", + "displayName": "Set Workspace policy configuration", + "name": "Microsoft.ApiManagement/service/workspaces/policies/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all diagnostics of an API. or Gets the details of the Diagnostic for an API specified by its identifier.", - "displayName": "Get diagnostics list or Get diagnostic details", - "name": "Microsoft.ApiManagement/service/workspaces/apis/diagnostics/read", + "description": "Deletes the policy configuration at the Workspace.", + "displayName": "Remove Workspace policy configuration from policies", + "name": "Microsoft.ApiManagement/service/workspaces/policies/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", - "displayName": "Get list of backend or Get backend details", - "name": "Microsoft.ApiManagement/service/workspaces/backends/read", + "description": "Lists a collection of schemas registered. or Gets the details of the Schema specified by its identifier.", + "displayName": "Get schemas list or Get schema details", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", - "displayName": "Get diagnostics list or Get diagnostic details", - "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/read", + "description": "Creates or updates an Schema to be used in Api Management instance.", + "displayName": "Create schema", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes specific Schema.", + "displayName": "Remove schema", + "name": "Microsoft.ApiManagement/service/workspaces/schemas/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1032269,86 +1034254,65 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists all subscriptions of the API Management service instance. or Gets the specified Subscription entity (without keys).", - "displayName": "Get subscriptions list or Get subscripiton details", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/read", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Creates or updates the subscription of specified user to the specified product. or Updates the details of a subscription specified by its identifier.", - "displayName": "Subscribe to product or Update subscription", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/write", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Deletes the specified subscription.", - "displayName": "Delete subscription", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/delete", - "providerDisplayName": "Microsoft API Management", - "providerName": "Microsoft.ApiManagement" - }, - { - "description": "Regenerates primary key of existing subscription of the API Management service instance.", - "displayName": "Regenerate subscription PK", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regeneratePrimaryKey/action", + "description": "Gets all policy fragments. or Gets a policy fragment.", + "displayName": "Get policy fragments or Get policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Regenerates secondary key of existing subscription of the API Management service instance.", - "displayName": "Regenerate subscription SK", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/regenerateSecondaryKey/action", + "description": "Creates or updates a policy fragment.", + "displayName": "Set policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the specified Subscription keys.", - "displayName": "Get subscripiton keys", - "name": "Microsoft.ApiManagement/service/workspaces/subscriptions/listSecrets/action", + "description": "Deletes a policy fragment.", + "displayName": "Delete policy fragment", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", - "displayName": "Get groups list or Get group details", - "name": "Microsoft.ApiManagement/service/workspaces/groups/read", + "description": "Lists policy resources that reference the policy fragment.", + "displayName": "List policy fragment references", + "name": "Microsoft.ApiManagement/service/workspaces/policyFragments/listReferences/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Creates or Updates a group. or Updates the details of the group specified by its identifier.", - "displayName": "Create group or Update group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/write", + "description": "Lists a collection of named values defined within a service instance. or Gets the details of the named value specified by its identifier.", + "displayName": "Get all named values or Get named value details", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Deletes specific group of the API Management service instance.", - "displayName": "Remove group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/delete", + "description": "Creates or updates named value. or Updates the specific named value.", + "displayName": "Create named value or Update named value", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of user entities associated with the group.", - "displayName": "Get group users list", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/read", + "description": "Deletes specific named value from the API Management service instance.", + "displayName": "Remove named value", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Add existing user to existing group", - "displayName": "Add user to group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/write", + "description": "Gets the secret of the named value specified by its identifier.", + "displayName": "Get the value", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/listValue/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Remove existing user from existing group.", - "displayName": "Remove user from group", - "name": "Microsoft.ApiManagement/service/workspaces/groups/users/delete", + "description": "Refreshes named value by fetching it from Key Vault.", + "displayName": "Refresh certificate from KeyVault", + "name": "Microsoft.ApiManagement/service/workspaces/namedValues/refreshSecret/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1032437,65 +1034401,100 @@ "providerName": "Microsoft.ApiManagement" }, { - "description": "Sends notification to a specified user", - "displayName": "Send notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/action", + "description": "Lists a collection of backed in the specified service instance. or Gets the details of the backend specified by its identifier.", + "displayName": "Get list of backend or Get backend details", + "name": "Microsoft.ApiManagement/service/workspaces/backends/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the list of the Notification Recipient User subscribed to the notification.", - "displayName": "Get recipient users for the Notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/read", + "description": "Creates or Updates a Api Version Set. or Updates the details of the backend specified by its identifier.", + "displayName": "Add Backend or Update backend", + "name": "Microsoft.ApiManagement/service/workspaces/backends/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Adds the API Management User to the list of Recipients for the Notification.", - "displayName": "Add user to notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/write", + "description": "Deletes specific Api Version Set.", + "displayName": "Remove backend", + "name": "Microsoft.ApiManagement/service/workspaces/backends/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Removes the API Management user from the list of Notification.", - "displayName": "Removes user from notification recipients", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientUsers/delete", + "description": "Notifies the APIM proxy to create a new connection to the backend after the specified timeout. If no timeout was specified, timeout of 2 minutes is used.", + "displayName": "Create Request", + "name": "Microsoft.ApiManagement/service/workspaces/backends/reconnect/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Gets the list of the Notification Recipient Emails subscribed to a notification.", - "displayName": "Get Email Recipients associated with Publisher Notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/read", + "description": "Lists a collection of all certificates in the specified workspace or Gets the details of the certificate specified by its identifier.", + "displayName": "Get certificates list or Get cerificate details", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/read", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Adds the Email address to the list of Recipients for the Notification.", - "displayName": "Create new email recipient", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/write", + "description": "Creates or updates the certificate being used for authentication with the backend.", + "displayName": "Add certificate", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/write", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Removes the email from the list of Notification.", - "displayName": "Removes email associated with notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/recipientEmails/delete", + "description": "Deletes specific certificate.", + "displayName": "Remove certificate", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Lists a collection of properties defined within a service instance. or Gets the details of the Notification specified by its identifier.", - "displayName": "Get all publisher notifications or Get publisher notification details", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/read", + "description": "Refreshes certificate by fetching it from Key Vault.", + "displayName": "Refresh certificate from KeyVault", + "name": "Microsoft.ApiManagement/service/workspaces/certificates/refreshSecret/action", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, { - "description": "Create or Update API Management publisher notification.", - "displayName": "Create publisher notification", - "name": "Microsoft.ApiManagement/service/workspaces/notifications/write", + "description": "Lists all diagnostics of a workspace. or Gets the details of the Diagnostic for a workspace specified by its identifier.", + "displayName": "Get diagnostics list or Get diagnostic details", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates a new Diagnostic for a workspace or updates an existing one. or Updates the details of the Diagnostic for a workspace specified by its identifier.", + "displayName": "Add diagnostic or Update diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified Diagnostic from a workspace.", + "displayName": "Remove diagnostic", + "name": "Microsoft.ApiManagement/service/workspaces/diagnostics/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of loggers in the specified workspace. or Gets the details of the logger specified by its identifier.", + "displayName": "Get loggers list or Get logger details", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates or Updates a logger. or Updates an existing logger.", + "displayName": "Add logger or Update logger", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Deletes the specified logger.", + "displayName": "Remove logger", + "name": "Microsoft.ApiManagement/service/workspaces/loggers/delete", "providerDisplayName": "Microsoft API Management", "providerName": "Microsoft.ApiManagement" }, @@ -1032694,11 +1034693,378 @@ { "actions": [ "Microsoft.ApiManagement/service/workspaces/*/read", + "Microsoft.ApiManagement/service/workspaces/apis/*", + "Microsoft.ApiManagement/service/workspaces/apiVersionSets/*", + "Microsoft.ApiManagement/service/workspaces/policies/*", + "Microsoft.ApiManagement/service/workspaces/schemas/*", "Microsoft.ApiManagement/service/workspaces/products/*", - "Microsoft.ApiManagement/service/workspaces/subscriptions/*", - "Microsoft.ApiManagement/service/workspaces/groups/*", + "Microsoft.ApiManagement/service/workspaces/policyFragments/*", + "Microsoft.ApiManagement/service/workspaces/namedValues/*", "Microsoft.ApiManagement/service/workspaces/tags/*", - "Microsoft.ApiManagement/service/workspaces/notifications/*", + "Microsoft.ApiManagement/service/workspaces/backends/*", + "Microsoft.ApiManagement/service/workspaces/certificates/*", + "Microsoft.ApiManagement/service/workspaces/diagnostics/*", + "Microsoft.ApiManagement/service/workspaces/loggers/*", + "Microsoft.Authorization/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Has the same access as API Management Service Workspace API Developer as well as read access to users and write access to allow assigning users to groups. This role should be assigned on the service scope.", + "hasExternal": false, + "hasUnknown": false, + "name": "API Management Service Workspace API Product Manager", + "permittedActions": [ + { + "description": "Lists a collection of registered users in the specified service instance. or Gets the details of the user specified by its identifier.", + "displayName": "Get users list or Get user details", + "name": "Microsoft.ApiManagement/service/users/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of tags defined within a service instance. or Gets the details of the tag specified by its identifier.", + "displayName": "Get Tags list or Tag details", + "name": "Microsoft.ApiManagement/service/tags/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of Tag-API links in the specified service instance. or Get Tag-API details.", + "displayName": "Get links or Get Tag-API details", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates or Updates a Tag-API link.", + "displayName": "Create Tag-API link", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete Tag-API link.", + "displayName": "Remove Tag-API link", + "name": "Microsoft.ApiManagement/service/tags/apiLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of Tag-operation links in the specified service instance. or Get Tag-operation details.", + "displayName": "Get links or Get Tag-operation details", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates or Updates a Tag-operation link.", + "displayName": "Create Tag-operation link", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete Tag-operation link.", + "displayName": "Remove Tag-operation link", + "name": "Microsoft.ApiManagement/service/tags/operationLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of Tag-product links in the specified service instance. or Get Tag-product details.", + "displayName": "Get links or Get Tag-product details", + "name": "Microsoft.ApiManagement/service/tags/productLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates or Updates a Tag-product link.", + "displayName": "Create Tag-product link", + "name": "Microsoft.ApiManagement/service/tags/productLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete Tag-product link.", + "displayName": "Remove Tag-product link", + "name": "Microsoft.ApiManagement/service/tags/productLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of products in the specified service instance. or Gets the details of the product specified by its identifier.", + "displayName": "Get product list or Get product details", + "name": "Microsoft.ApiManagement/service/products/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of product-API links in the specified service instance. or Get product-API details.", + "displayName": "Get links or Get product-API details", + "name": "Microsoft.ApiManagement/service/products/apiLinks/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Creates or Updates a product-API link.", + "displayName": "Create product-API link", + "name": "Microsoft.ApiManagement/service/products/apiLinks/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Delete product-API link.", + "displayName": "Remove product-API link", + "name": "Microsoft.ApiManagement/service/products/apiLinks/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of groups defined within a service instance. or Gets the details of the group specified by its identifier.", + "displayName": "Get groups list or Get group details", + "name": "Microsoft.ApiManagement/service/groups/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Lists a collection of user entities associated with the group.", + "displayName": "Get group users list", + "name": "Microsoft.ApiManagement/service/groups/users/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Add existing user to existing group", + "displayName": "Add user to group", + "name": "Microsoft.ApiManagement/service/groups/users/write", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Remove existing user from existing group.", + "displayName": "Remove user from group", + "name": "Microsoft.ApiManagement/service/groups/users/delete", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Read metadata for an API Management Service instance", + "displayName": "Read metadata for an API Management Service instance", + "name": "Microsoft.ApiManagement/service/read", + "providerDisplayName": "Microsoft API Management", + "providerName": "Microsoft.ApiManagement" + }, + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ApiManagement/service/users/read", + "Microsoft.ApiManagement/service/tags/read", + "Microsoft.ApiManagement/service/tags/apiLinks/*", + "Microsoft.ApiManagement/service/tags/operationLinks/*", + "Microsoft.ApiManagement/service/tags/productLinks/*", + "Microsoft.ApiManagement/service/products/read", + "Microsoft.ApiManagement/service/products/apiLinks/*", + "Microsoft.ApiManagement/service/groups/read", + "Microsoft.ApiManagement/service/groups/users/*", + "Microsoft.ApiManagement/service/read", "Microsoft.Authorization/*/read" ], "condition": null, @@ -1034287,6 +1036653,146 @@ } ] }, + { + "description": "This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.", + "hasExternal": false, + "hasUnknown": false, + "name": "Windows 365 Network Interface Contributor", + "permittedActions": [ + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets operation resource that represents status of an asynchronous operation", + "displayName": "Get Operation Resource", + "name": "Microsoft.Network/locations/operations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets operation result of an async POST or DELETE operation", + "displayName": "Get Operation Result", + "name": "Microsoft.Network/locations/operationResults/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets the resources usage metrics", + "displayName": "Get Usage Metric", + "name": "Microsoft.Network/locations/usages/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a network interface or updates an existing network interface. ", + "displayName": "Create or Update Network Interface", + "name": "Microsoft.Network/networkInterfaces/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a network interface definition. ", + "displayName": "Get Network Interface", + "name": "Microsoft.Network/networkInterfaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Deletes a network interface", + "displayName": "Delete Network Interface", + "name": "Microsoft.Network/networkInterfaces/delete", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a Virtual Machine to a network interface. Not Alertable.", + "displayName": "Join Virtual Machine to a network interface.", + "name": "Microsoft.Network/networkInterfaces/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Network Security Groups configured On Network Interface Of The Vm", + "displayName": "Get Network Interface Effective Security Groups", + "name": "Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Route Table configured On Network Interface Of The Vm", + "displayName": "Get Network Interface Effective Route Table", + "name": "Microsoft.Network/networkInterfaces/effectiveRouteTable/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Resources/subscriptions/resourcegroups/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/deployments/delete", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/operationstatuses/read", + "Microsoft.Network/locations/operations/read", + "Microsoft.Network/locations/operationResults/read", + "Microsoft.Network/locations/usages/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/delete", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action", + "Microsoft.Network/networkInterfaces/effectiveRouteTable/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Read subscriptions, images, azure firewalls. This role is used in Windows365 scenarios.", "hasExternal": false, @@ -1034514,151 +1037020,410 @@ ] }, { - "description": "This role is used by Windows 365 to provision required network resources and join Microsoft-hosted VMs to network interfaces.", - "hasExternal": false, + "description": "Create, read, download, modify and delete reports objects and related other resource objects.", + "hasExternal": true, "hasUnknown": false, - "name": "Windows 365 Network Interface Contributor", + "name": "App Compliance Automation Administrator", "permittedActions": [ { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "description": "Onboard given subscriptions to Microsoft.AppComplianceAutomation provider.", + "displayName": "ProviderActions_Onboard", + "name": "Microsoft.AppComplianceAutomation/onboard/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Trigger quick evaluation for the given subscriptions.", + "displayName": "ProviderActions_TriggerEvaluation", + "name": "Microsoft.AppComplianceAutomation/triggerEvaluation/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "List the storage accounts which are in use by related reports", + "displayName": "ProviderActions_ListInUseStorageAccounts", + "name": "Microsoft.AppComplianceAutomation/listInUseStorageAccounts/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "action checkNameAvailability", + "displayName": "action_checkNameAvailability", + "name": "Microsoft.AppComplianceAutomation/checkNameAvailability/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Get the count of reports.", + "displayName": "ProviderActions_GetCollectionCount", + "name": "Microsoft.AppComplianceAutomation/getCollectionCount/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Get the resource overview status.", + "displayName": "ProviderActions_GetOverviewStatus", + "name": "Microsoft.AppComplianceAutomation/getOverviewStatus/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Register the subscription for Microsoft.AppComplianceAutomation", + "displayName": "Register the Microsoft.AppComplianceAutomation", + "name": "Microsoft.AppComplianceAutomation/register/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Unregister the subscription for Microsoft.AppComplianceAutomation", + "displayName": "Unregister the Microsoft.AppComplianceAutomation", + "name": "Microsoft.AppComplianceAutomation/unregister/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "read operations", + "displayName": "read_operations", + "name": "Microsoft.AppComplianceAutomation/operations/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "read operationStatuses", + "displayName": "read_operationStatuses", + "name": "Microsoft.AppComplianceAutomation/locations/operationStatuses/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "write operationStatuses", + "displayName": "write_operationStatuses", + "name": "Microsoft.AppComplianceAutomation/locations/operationStatuses/write", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Get the AppComplianceAutomation report list for the tenant.", + "displayName": "Reports_List", + "name": "Microsoft.AppComplianceAutomation/reports/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Create a new AppComplianceAutomation report or update an exiting AppComplianceAutomation report.", + "displayName": "Reports_CreateOrUpdate", + "name": "Microsoft.AppComplianceAutomation/reports/write", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Delete an AppComplianceAutomation report.", + "displayName": "Reports_Delete", + "name": "Microsoft.AppComplianceAutomation/reports/delete", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Checks the report's nested resource name availability, e.g: Webhooks, Evidences, Snapshots.", + "displayName": "Reports_NestedResourceCheckNameAvailability", + "name": "Microsoft.AppComplianceAutomation/reports/checkNameAvailability/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Fix the AppComplianceAutomation report error. e.g: App Compliance Automation Tool service unregistered, automation removed.", + "displayName": "Reports_Fix", + "name": "Microsoft.AppComplianceAutomation/reports/fix/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Fix the AppComplianceAutomation report error. e.g: App Compliance Automation Tool service unregistered, automation removed.", + "displayName": "GetScopingQuestions", + "name": "Microsoft.AppComplianceAutomation/reports/getScopingQuestions/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Synchronize attestation record from app compliance.", + "displayName": "Reports_SyncCertRecord", + "name": "Microsoft.AppComplianceAutomation/reports/syncCertRecord/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Verify the AppComplianceAutomation report health status.", + "displayName": "Report_Verify", + "name": "Microsoft.AppComplianceAutomation/reports/verify/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Get the AppComplianceAutomation snapshot list.", + "displayName": "Snapshots_List", + "name": "Microsoft.AppComplianceAutomation/reports/snapshots/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Download compliance needs from snapshot, like: Compliance Report, Resource List.", + "displayName": "Snapshots_Download", + "name": "Microsoft.AppComplianceAutomation/reports/snapshots/download/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Get the AppComplianceAutomation webhook list.", + "displayName": "Webhooks_List", + "name": "Microsoft.AppComplianceAutomation/reports/webhooks/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Create a new AppComplianceAutomation webhook or update an exiting AppComplianceAutomation webhook.", + "displayName": "Webhooks_CreateOrUpdate", + "name": "Microsoft.AppComplianceAutomation/reports/webhooks/write", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Delete an AppComplianceAutomation webhook.", + "displayName": "Webhooks_Delete", + "name": "Microsoft.AppComplianceAutomation/reports/webhooks/delete", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Returns a paginated list of evidences for a specified report.", + "displayName": "Evidences_ListByReport", + "name": "Microsoft.AppComplianceAutomation/reports/evidences/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Create or Update an evidence a specified report", + "displayName": "Evidences_CreateOrUpdate", + "name": "Microsoft.AppComplianceAutomation/reports/evidences/write", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Delete an existent evidence from a specified report", + "displayName": "Evidences_Delete", + "name": "Microsoft.AppComplianceAutomation/reports/evidences/delete", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Download evidence file.", + "displayName": "Evidences_Download", + "name": "Microsoft.AppComplianceAutomation/reports/evidences/download/action", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Returns a list format of the singleton scopingConfiguration for a specified report.", + "displayName": "ScopingConfigurations_List", + "name": "Microsoft.AppComplianceAutomation/reports/scopingConfigurations/read", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Get the AppComplianceAutomation scoping configuration of the specific report.", + "displayName": "ScopingConfiguration_CreateOrUpdate", + "name": "Microsoft.AppComplianceAutomation/reports/scopingConfigurations/write", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Clean the AppComplianceAutomation scoping configuration of the specific report.", + "displayName": "ScopingConfiguration_Delete", + "name": "Microsoft.AppComplianceAutomation/reports/scopingConfigurations/delete", + "providerDisplayName": "Microsoft.AppComplianceAutomation", + "providerName": "Microsoft.AppComplianceAutomation" + }, + { + "description": "Returns the result of put blob service properties", + "displayName": "Put blob service properties", + "name": "Microsoft.Storage/storageAccounts/blobServices/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Put file service properties", + "displayName": "Put File Service Properties", + "name": "Microsoft.Storage/storageAccounts/fileServices/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the access keys for the specified storage account.", + "displayName": "List Storage Account Keys", + "name": "Microsoft.Storage/storageAccounts/listkeys/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", + "displayName": "Create/Update Storage Account", + "name": "Microsoft.Storage/storageAccounts/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns a user delegation key for the blob service", + "displayName": "Generate a user delegation key", + "name": "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", + "displayName": "List/Get Storage Account(s)", + "name": "Microsoft.Storage/storageAccounts/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns a container", + "displayName": "Get blob container", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the result of patch blob container", + "displayName": "Patch blob container", + "name": "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "List blob services", + "displayName": "List Blob Services", + "name": "Microsoft.Storage/storageAccounts/blobServices/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Query information about policy states.", + "displayName": "Query Policy States", + "name": "Microsoft.PolicyInsights/policyStates/queryResults/action", + "providerDisplayName": "Microsoft Policy Insights", + "providerName": "Microsoft.PolicyInsights" + }, + { + "description": "Triggers a new compliance evaluation for the selected scope.", + "displayName": "Trigger Policy Insights Compliance Evaluation", + "name": "Microsoft.PolicyInsights/policyStates/triggerEvaluation/action", + "providerDisplayName": "Microsoft Policy Insights", + "providerName": "Microsoft.PolicyInsights" + }, + { + "description": "Get the list of resources based upon filters.", + "displayName": "Get Resources", + "name": "Microsoft.Resources/resources/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", + "description": "Gets the resources for the resource group.", + "displayName": "Get Resource Group Resources", + "name": "Microsoft.Resources/subscriptions/resourcegroups/resources/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", + "description": "Gets resources of a subscription.", + "displayName": "Get Subscription Resources", + "name": "Microsoft.Resources/subscriptions/resources/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", + "description": "Deletes a resource group and all its resources.", + "displayName": "Delete Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/delete", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, { - "description": "Gets operation resource that represents status of an asynchronous operation", - "displayName": "Get Operation Resource", - "name": "Microsoft.Network/locations/operations/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Creates or updates a resource group.", + "displayName": "Create Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Gets operation result of an async POST or DELETE operation", - "displayName": "Get Operation Result", - "name": "Microsoft.Network/locations/operationResults/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Gets all the tags on a resource.", + "displayName": "Read tags", + "name": "Microsoft.Resources/tags/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Gets the resources usage metrics", - "displayName": "Get Usage Metric", - "name": "Microsoft.Network/locations/usages/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Creates a network interface or updates an existing network interface. ", - "displayName": "Create or Update Network Interface", - "name": "Microsoft.Network/networkInterfaces/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Gets the automations for the scope", + "displayName": "Get automations", + "name": "Microsoft.Security/automations/read", + "providerDisplayName": "Microsoft Security", + "providerName": "Microsoft.Security" }, { - "description": "Gets a network interface definition. ", - "displayName": "Get Network Interface", - "name": "Microsoft.Network/networkInterfaces/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Deletes a network interface", - "displayName": "Delete Network Interface", - "name": "Microsoft.Network/networkInterfaces/delete", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Deletes the automation for the scope", + "displayName": "Delete automation", + "name": "Microsoft.Security/automations/delete", + "providerDisplayName": "Microsoft Security", + "providerName": "Microsoft.Security" }, { - "description": "Joins a Virtual Machine to a network interface. Not Alertable.", - "displayName": "Join Virtual Machine to a network interface.", - "name": "Microsoft.Network/networkInterfaces/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Creates or updates the automation for the scope", + "displayName": "Update automation", + "name": "Microsoft.Security/automations/write", + "providerDisplayName": "Microsoft Security", + "providerName": "Microsoft.Security" }, { - "description": "Get Network Security Groups configured On Network Interface Of The Vm", - "displayName": "Get Network Interface Effective Security Groups", - "name": "Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" + "description": "Registers the subscription for Azure Security Center", + "displayName": "Register Subscription", + "name": "Microsoft.Security/register/action", + "providerDisplayName": "Microsoft Security", + "providerName": "Microsoft.Security" }, { - "description": "Get Route Table configured On Network Interface Of The Vm", - "displayName": "Get Network Interface Effective Route Table", - "name": "Microsoft.Network/networkInterfaces/effectiveRouteTable/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Resources/subscriptions/resourcegroups/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/deployments/delete", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/operationstatuses/read", - "Microsoft.Network/locations/operations/read", - "Microsoft.Network/locations/operationResults/read", - "Microsoft.Network/locations/usages/read", - "Microsoft.Network/networkInterfaces/write", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/delete", - "Microsoft.Network/networkInterfaces/join/action", - "Microsoft.Network/networkInterfaces/effectiveNetworkSecurityGroups/action", - "Microsoft.Network/networkInterfaces/effectiveRouteTable/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Read, download the reports objects and related other resource objects.", - "hasExternal": true, - "hasUnknown": false, - "name": "App Compliance Automation Reader", - "permittedActions": [ + "description": "Unregisters the subscription from Azure Security Center", + "displayName": "Unregister Subscription", + "name": "Microsoft.Security/unregister/action", + "providerDisplayName": "Microsoft Security", + "providerName": "Microsoft.Security" + }, { "description": "Read Domain Services", "displayName": "Read Domain Service", @@ -1053160,6 +1055925,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -1083629,6 +1086541,33 @@ "rawPermissions": [ { "actions": [ + "Microsoft.AppComplianceAutomation/*", + "Microsoft.Storage/storageAccounts/blobServices/write", + "Microsoft.Storage/storageAccounts/fileservices/write", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "Microsoft.Storage/storageAccounts/blobServices/read", + "Microsoft.PolicyInsights/policyStates/queryResults/action", + "Microsoft.PolicyInsights/policyStates/triggerEvaluation/action", + "Microsoft.Resources/resources/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/subscriptions/resourceGroups/resources/read", + "Microsoft.Resources/subscriptions/resources/read", + "Microsoft.Resources/subscriptions/resourceGroups/delete", + "Microsoft.Resources/subscriptions/resourceGroups/write", + "Microsoft.Resources/tags/read", + "Microsoft.Resources/deployments/validate/action", + "Microsoft.Security/automations/read", + "Microsoft.Resources/deployments/write", + "Microsoft.Security/automations/delete", + "Microsoft.Security/automations/write", + "Microsoft.Security/register/action", + "Microsoft.Security/unregister/action", "*/read" ], "condition": null, @@ -1083640,410 +1086579,11 @@ ] }, { - "description": "Create, read, download, modify and delete reports objects and related other resource objects.", + "description": "Read, download the reports objects and related other resource objects.", "hasExternal": true, "hasUnknown": false, - "name": "App Compliance Automation Administrator", + "name": "App Compliance Automation Reader", "permittedActions": [ - { - "description": "Onboard given subscriptions to Microsoft.AppComplianceAutomation provider.", - "displayName": "ProviderActions_Onboard", - "name": "Microsoft.AppComplianceAutomation/onboard/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Trigger quick evaluation for the given subscriptions.", - "displayName": "ProviderActions_TriggerEvaluation", - "name": "Microsoft.AppComplianceAutomation/triggerEvaluation/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "List the storage accounts which are in use by related reports", - "displayName": "ProviderActions_ListInUseStorageAccounts", - "name": "Microsoft.AppComplianceAutomation/listInUseStorageAccounts/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "action checkNameAvailability", - "displayName": "action_checkNameAvailability", - "name": "Microsoft.AppComplianceAutomation/checkNameAvailability/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Get the count of reports.", - "displayName": "ProviderActions_GetCollectionCount", - "name": "Microsoft.AppComplianceAutomation/getCollectionCount/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Get the resource overview status.", - "displayName": "ProviderActions_GetOverviewStatus", - "name": "Microsoft.AppComplianceAutomation/getOverviewStatus/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Register the subscription for Microsoft.AppComplianceAutomation", - "displayName": "Register the Microsoft.AppComplianceAutomation", - "name": "Microsoft.AppComplianceAutomation/register/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Unregister the subscription for Microsoft.AppComplianceAutomation", - "displayName": "Unregister the Microsoft.AppComplianceAutomation", - "name": "Microsoft.AppComplianceAutomation/unregister/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "read operations", - "displayName": "read_operations", - "name": "Microsoft.AppComplianceAutomation/operations/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "read operationStatuses", - "displayName": "read_operationStatuses", - "name": "Microsoft.AppComplianceAutomation/locations/operationStatuses/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "write operationStatuses", - "displayName": "write_operationStatuses", - "name": "Microsoft.AppComplianceAutomation/locations/operationStatuses/write", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Get the AppComplianceAutomation report list for the tenant.", - "displayName": "Reports_List", - "name": "Microsoft.AppComplianceAutomation/reports/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Create a new AppComplianceAutomation report or update an exiting AppComplianceAutomation report.", - "displayName": "Reports_CreateOrUpdate", - "name": "Microsoft.AppComplianceAutomation/reports/write", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Delete an AppComplianceAutomation report.", - "displayName": "Reports_Delete", - "name": "Microsoft.AppComplianceAutomation/reports/delete", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Checks the report's nested resource name availability, e.g: Webhooks, Evidences, Snapshots.", - "displayName": "Reports_NestedResourceCheckNameAvailability", - "name": "Microsoft.AppComplianceAutomation/reports/checkNameAvailability/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Fix the AppComplianceAutomation report error. e.g: App Compliance Automation Tool service unregistered, automation removed.", - "displayName": "Reports_Fix", - "name": "Microsoft.AppComplianceAutomation/reports/fix/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Fix the AppComplianceAutomation report error. e.g: App Compliance Automation Tool service unregistered, automation removed.", - "displayName": "GetScopingQuestions", - "name": "Microsoft.AppComplianceAutomation/reports/getScopingQuestions/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Synchronize attestation record from app compliance.", - "displayName": "Reports_SyncCertRecord", - "name": "Microsoft.AppComplianceAutomation/reports/syncCertRecord/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Verify the AppComplianceAutomation report health status.", - "displayName": "Report_Verify", - "name": "Microsoft.AppComplianceAutomation/reports/verify/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Get the AppComplianceAutomation snapshot list.", - "displayName": "Snapshots_List", - "name": "Microsoft.AppComplianceAutomation/reports/snapshots/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Download compliance needs from snapshot, like: Compliance Report, Resource List.", - "displayName": "Snapshots_Download", - "name": "Microsoft.AppComplianceAutomation/reports/snapshots/download/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Get the AppComplianceAutomation webhook list.", - "displayName": "Webhooks_List", - "name": "Microsoft.AppComplianceAutomation/reports/webhooks/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Create a new AppComplianceAutomation webhook or update an exiting AppComplianceAutomation webhook.", - "displayName": "Webhooks_CreateOrUpdate", - "name": "Microsoft.AppComplianceAutomation/reports/webhooks/write", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Delete an AppComplianceAutomation webhook.", - "displayName": "Webhooks_Delete", - "name": "Microsoft.AppComplianceAutomation/reports/webhooks/delete", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Returns a paginated list of evidences for a specified report.", - "displayName": "Evidences_ListByReport", - "name": "Microsoft.AppComplianceAutomation/reports/evidences/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Create or Update an evidence a specified report", - "displayName": "Evidences_CreateOrUpdate", - "name": "Microsoft.AppComplianceAutomation/reports/evidences/write", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Delete an existent evidence from a specified report", - "displayName": "Evidences_Delete", - "name": "Microsoft.AppComplianceAutomation/reports/evidences/delete", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Download evidence file.", - "displayName": "Evidences_Download", - "name": "Microsoft.AppComplianceAutomation/reports/evidences/download/action", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Returns a list format of the singleton scopingConfiguration for a specified report.", - "displayName": "ScopingConfigurations_List", - "name": "Microsoft.AppComplianceAutomation/reports/scopingConfigurations/read", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Get the AppComplianceAutomation scoping configuration of the specific report.", - "displayName": "ScopingConfiguration_CreateOrUpdate", - "name": "Microsoft.AppComplianceAutomation/reports/scopingConfigurations/write", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Clean the AppComplianceAutomation scoping configuration of the specific report.", - "displayName": "ScopingConfiguration_Delete", - "name": "Microsoft.AppComplianceAutomation/reports/scopingConfigurations/delete", - "providerDisplayName": "Microsoft.AppComplianceAutomation", - "providerName": "Microsoft.AppComplianceAutomation" - }, - { - "description": "Returns the result of put blob service properties", - "displayName": "Put blob service properties", - "name": "Microsoft.Storage/storageAccounts/blobServices/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Put file service properties", - "displayName": "Put File Service Properties", - "name": "Microsoft.Storage/storageAccounts/fileServices/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the access keys for the specified storage account.", - "displayName": "List Storage Account Keys", - "name": "Microsoft.Storage/storageAccounts/listkeys/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", - "displayName": "Create/Update Storage Account", - "name": "Microsoft.Storage/storageAccounts/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns a user delegation key for the blob service", - "displayName": "Generate a user delegation key", - "name": "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", - "displayName": "List/Get Storage Account(s)", - "name": "Microsoft.Storage/storageAccounts/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns a container", - "displayName": "Get blob container", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the result of patch blob container", - "displayName": "Patch blob container", - "name": "Microsoft.Storage/storageAccounts/blobServices/containers/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "List blob services", - "displayName": "List Blob Services", - "name": "Microsoft.Storage/storageAccounts/blobServices/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Query information about policy states.", - "displayName": "Query Policy States", - "name": "Microsoft.PolicyInsights/policyStates/queryResults/action", - "providerDisplayName": "Microsoft Policy Insights", - "providerName": "Microsoft.PolicyInsights" - }, - { - "description": "Triggers a new compliance evaluation for the selected scope.", - "displayName": "Trigger Policy Insights Compliance Evaluation", - "name": "Microsoft.PolicyInsights/policyStates/triggerEvaluation/action", - "providerDisplayName": "Microsoft Policy Insights", - "providerName": "Microsoft.PolicyInsights" - }, - { - "description": "Get the list of resources based upon filters.", - "displayName": "Get Resources", - "name": "Microsoft.Resources/resources/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the resources for the resource group.", - "displayName": "Get Resource Group Resources", - "name": "Microsoft.Resources/subscriptions/resourcegroups/resources/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets resources of a subscription.", - "displayName": "Get Subscription Resources", - "name": "Microsoft.Resources/subscriptions/resources/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a resource group and all its resources.", - "displayName": "Delete Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates a resource group.", - "displayName": "Create Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets all the tags on a resource.", - "displayName": "Read tags", - "name": "Microsoft.Resources/tags/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the automations for the scope", - "displayName": "Get automations", - "name": "Microsoft.Security/automations/read", - "providerDisplayName": "Microsoft Security", - "providerName": "Microsoft.Security" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes the automation for the scope", - "displayName": "Delete automation", - "name": "Microsoft.Security/automations/delete", - "providerDisplayName": "Microsoft Security", - "providerName": "Microsoft.Security" - }, - { - "description": "Creates or updates the automation for the scope", - "displayName": "Update automation", - "name": "Microsoft.Security/automations/write", - "providerDisplayName": "Microsoft Security", - "providerName": "Microsoft.Security" - }, - { - "description": "Registers the subscription for Azure Security Center", - "displayName": "Register Subscription", - "name": "Microsoft.Security/register/action", - "providerDisplayName": "Microsoft Security", - "providerName": "Microsoft.Security" - }, - { - "description": "Unregisters the subscription from Azure Security Center", - "displayName": "Unregister Subscription", - "name": "Microsoft.Security/unregister/action", - "providerDisplayName": "Microsoft Security", - "providerName": "Microsoft.Security" - }, { "description": "Read Domain Services", "displayName": "Read Domain Service", @@ -1102545,6 +1105085,153 @@ "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, { "description": "Get the list of Namespace Resource Description", "displayName": "Get Namespace Resource", @@ -1133014,33 +1135701,6 @@ "rawPermissions": [ { "actions": [ - "Microsoft.AppComplianceAutomation/*", - "Microsoft.Storage/storageAccounts/blobServices/write", - "Microsoft.Storage/storageAccounts/fileservices/write", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action", - "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/read", - "Microsoft.Storage/storageAccounts/blobServices/containers/write", - "Microsoft.Storage/storageAccounts/blobServices/read", - "Microsoft.PolicyInsights/policyStates/queryResults/action", - "Microsoft.PolicyInsights/policyStates/triggerEvaluation/action", - "Microsoft.Resources/resources/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/resourceGroups/resources/read", - "Microsoft.Resources/subscriptions/resources/read", - "Microsoft.Resources/subscriptions/resourceGroups/delete", - "Microsoft.Resources/subscriptions/resourceGroups/write", - "Microsoft.Resources/tags/read", - "Microsoft.Resources/deployments/validate/action", - "Microsoft.Security/automations/read", - "Microsoft.Resources/deployments/write", - "Microsoft.Security/automations/delete", - "Microsoft.Security/automations/write", - "Microsoft.Security/register/action", - "Microsoft.Security/unregister/action", "*/read" ], "condition": null, @@ -1134084,387 +1136744,10 @@ "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", "Microsoft.AzureSphere/catalogs/listDevices/action", - "Microsoft.AzureSphere/catalogs/listDeployments/action", - "Microsoft.AzureSphere/catalogs/products/countDevices/action", - "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", - "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Insights/DiagnosticSettings/Read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Allows user to read and download Azure Sphere resources and upload images.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Sphere Publisher", - "permittedActions": [ - { - "description": "read operations", - "displayName": "read_operations", - "name": "Microsoft.AzureSphere/operations/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "read operationStatuses", - "displayName": "read_operationStatuses", - "name": "Microsoft.AzureSphere/locations/operationStatuses/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List Catalog resources by subscription ID", - "displayName": "Catalogs_ListBySubscription", - "name": "Microsoft.AzureSphere/catalogs/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Get a Catalog", - "displayName": "Catalogs_Get", - "name": "Microsoft.AzureSphere/catalogs/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List Product resources by Catalog", - "displayName": "Products_ListByCatalog", - "name": "Microsoft.AzureSphere/catalogs/products/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List Certificate resources by Catalog", - "displayName": "Certificates_ListByCatalog", - "name": "Microsoft.AzureSphere/catalogs/certificates/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List Image resources by Catalog", - "displayName": "Images_ListByCatalog", - "name": "Microsoft.AzureSphere/catalogs/images/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List DeviceGroup resources by Product. '.default' and '.unassigned' are system defined values and cannot be used for product name.", - "displayName": "DeviceGroups_ListByProduct", - "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List Device resources by DeviceGroup. '.default' and '.unassigned' are system defined values and cannot be used for product or device group name.", - "displayName": "Devices_ListByDeviceGroup", - "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/devices/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List Deployment resources by DeviceGroup. '.default' and '.unassigned' are system defined values and cannot be used for product or device group name.", - "displayName": "Deployments_ListByDeviceGroup", - "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/deployments/read", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Counts devices in catalog.", - "displayName": "Catalogs_CountDevices", - "name": "Microsoft.AzureSphere/catalogs/countDevices/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "List the device groups for the catalog.", - "displayName": "Catalogs_ListDeviceGroups", - "name": "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Lists device insights for catalog.", - "displayName": "Catalogs_ListDeviceInsights", - "name": "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Lists devices for catalog.", - "displayName": "Catalogs_ListDevices", - "name": "Microsoft.AzureSphere/catalogs/listDevices/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Counts devices in product. '.default' and '.unassigned' are system defined values and cannot be used for product name.", - "displayName": "Products_CountDevices", - "name": "Microsoft.AzureSphere/catalogs/products/countDevices/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Counts devices in device group. '.default' and '.unassigned' are system defined values and cannot be used for product or device group name.", - "displayName": "DeviceGroups_CountDevices", - "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Gets the proof of possession nonce.", - "displayName": "Certificates_RetrieveProofOfPossessionNonce", - "name": "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Retrieves cert chain.", - "displayName": "Certificates_RetrieveCertChain", - "name": "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Create a Image", - "displayName": "Images_CreateOrUpdate", - "name": "Microsoft.AzureSphere/catalogs/images/write", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Creates an image. Use this action when the image ID is unknown.", - "displayName": "Catalogs_UploadImage", - "name": "Microsoft.AzureSphere/catalogs/uploadImage/action", - "providerDisplayName": "Microsoft.AzureSphere", - "providerName": "Microsoft.AzureSphere" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Read a resource diagnostic setting", - "displayName": "Read resource diagnostic setting", - "name": "Microsoft.Insights/DiagnosticSettings/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.AzureSphere/*/read", - "Microsoft.AzureSphere/catalogs/countDevices/action", - "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", - "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", - "Microsoft.AzureSphere/catalogs/listDevices/action", + "Microsoft.AzureSphere/catalogs/listDeployments/action", "Microsoft.AzureSphere/catalogs/products/countDevices/action", "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", - "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", - "Microsoft.AzureSphere/catalogs/images/write", - "Microsoft.AzureSphere/catalogs/uploadImage/action", "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Insights/DiagnosticSettings/Read" @@ -1134478,32 +1136761,373 @@ ] }, { - "description": "Can list workspace connection secrets", + "description": "Allows user to read and download Azure Sphere resources and upload images.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Machine Learning Workspace Connection Secrets Reader", + "name": "Azure Sphere Publisher", "permittedActions": [ { - "description": "Gets the Machine Learning Services connection with secret values", - "displayName": "Gets the Machine Learning Services connection with secret values", - "name": "Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" + "description": "read operations", + "displayName": "read_operations", + "name": "Microsoft.AzureSphere/operations/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" }, { - "description": "Gets secrets in Machine Learning Services Workspace(s)", - "displayName": "Gets secrets in Machine Learning Services Workspace(s)", - "name": "Microsoft.MachineLearningServices/workspaces/metadata/secrets/read", - "providerDisplayName": "Machine Learning Services Resource Provider", - "providerName": "Microsoft.MachineLearningServices" + "description": "read operationStatuses", + "displayName": "read_operationStatuses", + "name": "Microsoft.AzureSphere/locations/operationStatuses/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List Catalog resources by subscription ID", + "displayName": "Catalogs_ListBySubscription", + "name": "Microsoft.AzureSphere/catalogs/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Get a Catalog", + "displayName": "Catalogs_Get", + "name": "Microsoft.AzureSphere/catalogs/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List Product resources by Catalog", + "displayName": "Products_ListByCatalog", + "name": "Microsoft.AzureSphere/catalogs/products/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List Certificate resources by Catalog", + "displayName": "Certificates_ListByCatalog", + "name": "Microsoft.AzureSphere/catalogs/certificates/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List Image resources by Catalog", + "displayName": "Images_ListByCatalog", + "name": "Microsoft.AzureSphere/catalogs/images/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List DeviceGroup resources by Product. '.default' and '.unassigned' are system defined values and cannot be used for product name.", + "displayName": "DeviceGroups_ListByProduct", + "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List Device resources by DeviceGroup. '.default' and '.unassigned' are system defined values and cannot be used for product or device group name.", + "displayName": "Devices_ListByDeviceGroup", + "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/devices/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List Deployment resources by DeviceGroup. '.default' and '.unassigned' are system defined values and cannot be used for product or device group name.", + "displayName": "Deployments_ListByDeviceGroup", + "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/deployments/read", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Counts devices in catalog.", + "displayName": "Catalogs_CountDevices", + "name": "Microsoft.AzureSphere/catalogs/countDevices/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "List the device groups for the catalog.", + "displayName": "Catalogs_ListDeviceGroups", + "name": "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Lists device insights for catalog.", + "displayName": "Catalogs_ListDeviceInsights", + "name": "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Lists devices for catalog.", + "displayName": "Catalogs_ListDevices", + "name": "Microsoft.AzureSphere/catalogs/listDevices/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Counts devices in product. '.default' and '.unassigned' are system defined values and cannot be used for product name.", + "displayName": "Products_CountDevices", + "name": "Microsoft.AzureSphere/catalogs/products/countDevices/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Counts devices in device group. '.default' and '.unassigned' are system defined values and cannot be used for product or device group name.", + "displayName": "DeviceGroups_CountDevices", + "name": "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Gets the proof of possession nonce.", + "displayName": "Certificates_RetrieveProofOfPossessionNonce", + "name": "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Retrieves cert chain.", + "displayName": "Certificates_RetrieveCertChain", + "name": "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Create a Image", + "displayName": "Images_CreateOrUpdate", + "name": "Microsoft.AzureSphere/catalogs/images/write", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Creates an image. Use this action when the image ID is unknown.", + "displayName": "Catalogs_UploadImage", + "name": "Microsoft.AzureSphere/catalogs/uploadImage/action", + "providerDisplayName": "Microsoft.AzureSphere", + "providerName": "Microsoft.AzureSphere" + }, + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Read a resource diagnostic setting", + "displayName": "Read resource diagnostic setting", + "name": "Microsoft.Insights/DiagnosticSettings/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action", - "Microsoft.MachineLearningServices/workspaces/metadata/secrets/read" + "Microsoft.AzureSphere/*/read", + "Microsoft.AzureSphere/catalogs/countDevices/action", + "Microsoft.AzureSphere/catalogs/listDeviceGroups/action", + "Microsoft.AzureSphere/catalogs/listDeviceInsights/action", + "Microsoft.AzureSphere/catalogs/listDevices/action", + "Microsoft.AzureSphere/catalogs/products/countDevices/action", + "Microsoft.AzureSphere/catalogs/products/deviceGroups/countDevices/action", + "Microsoft.AzureSphere/catalogs/certificates/retrieveProofOfPossessionNonce/action", + "Microsoft.AzureSphere/catalogs/certificates/retrieveCertChain/action", + "Microsoft.AzureSphere/catalogs/images/write", + "Microsoft.AzureSphere/catalogs/uploadImage/action", + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Insights/DiagnosticSettings/Read" ], "condition": null, "conditionVersion": null, @@ -1134700,11 +1137324,47 @@ } ] }, + { + "description": "Can list workspace connection secrets", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Machine Learning Workspace Connection Secrets Reader", + "permittedActions": [ + { + "description": "Gets the Machine Learning Services connection with secret values", + "displayName": "Gets the Machine Learning Services connection with secret values", + "name": "Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + }, + { + "description": "Gets secrets in Machine Learning Services Workspace(s)", + "displayName": "Gets secrets in Machine Learning Services Workspace(s)", + "name": "Microsoft.MachineLearningServices/workspaces/metadata/secrets/read", + "providerDisplayName": "Machine Learning Services Resource Provider", + "providerName": "Microsoft.MachineLearningServices" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.MachineLearningServices/workspaces/connections/listsecrets/action", + "Microsoft.MachineLearningServices/workspaces/metadata/secrets/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "This role has been deprecated", "hasExternal": false, "hasUnknown": true, - "name": "Cognitive Search Serverless Data Contributor (Deprecated)", + "name": "Cognitive Search Serverless Data Reader (Deprecated)", "permittedActions": [], "permittedDataActions": [], "rawPermissions": [ @@ -1134713,8 +1137373,8 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/*", - "Microsoft.CognitiveSearch/indexes/documents/*" + "Microsoft.CognitiveSearch/indexes/schema/read", + "Microsoft.CognitiveSearch/indexes/documents/read" ], "notActions": [], "notDataActions": [] @@ -1134725,7 +1137385,7 @@ "description": "This role has been deprecated", "hasExternal": false, "hasUnknown": true, - "name": "Cognitive Search Serverless Data Reader (Deprecated)", + "name": "Cognitive Search Serverless Data Contributor (Deprecated)", "permittedActions": [], "permittedDataActions": [], "rawPermissions": [ @@ -1134734,8 +1137394,8 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.CognitiveSearch/indexes/schema/read", - "Microsoft.CognitiveSearch/indexes/documents/read" + "Microsoft.CognitiveSearch/indexes/schema/*", + "Microsoft.CognitiveSearch/indexes/documents/*" ], "notActions": [], "notDataActions": [] @@ -1137563,10 +1140223,10 @@ ] }, { - "description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.", + "description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.", "hasExternal": false, "hasUnknown": false, - "name": "Logic Apps Standard Developer (Preview)", + "name": "Logic Apps Standard Reader (Preview)", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1139933,293 +1142593,6 @@ "name": "Microsoft.Web/freeTrialStaticWebApps/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" - }, - { - "description": "Get the list of Connections.", - "displayName": "Get Connections", - "name": "Microsoft.Web/connections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Creates or updates a Connection.", - "displayName": "Add or Update Connection", - "name": "Microsoft.Web/connections/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Deletes a Connection.", - "displayName": "Delete Connection", - "name": "Microsoft.Web/connections/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Moves a Connection.", - "displayName": "Move Connection", - "name": "Microsoft.Web/connections/Move/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Joins a Connection.", - "displayName": "Join Connection", - "name": "Microsoft.Web/connections/Join/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Confirm Connections Consent Code.", - "displayName": "Confirm Connections Consent Code", - "name": "microsoft.web/connections/confirmconsentcode/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Consent Links for Connections.", - "displayName": "List Consent Links for Connections", - "name": "microsoft.web/connections/listconsentlinks/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Lists API Connections Keys.", - "displayName": "List API Connections Keys", - "name": "microsoft.web/connections/listConnectionKeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Revokes API Connections Keys.", - "displayName": "Revokes API Connections Keys", - "name": "microsoft.web/connections/revokeConnectionKeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Dynamic Invoke a Connection.", - "displayName": "Dynamic Invoke Connection.", - "name": "microsoft.web/connections/dynamicInvoke/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Gets the available metrics for API Connections", - "displayName": "Read API Connections metric definitions", - "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Custom API.", - "displayName": "Get Custom API", - "name": "Microsoft.Web/customApis/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Creates or updates a Custom API.", - "displayName": "Add or Update Custom API", - "name": "Microsoft.Web/customApis/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Deletes a Custom API.", - "displayName": "Delete Custom API", - "name": "Microsoft.Web/customApis/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Moves a Custom API.", - "displayName": "Move Custom API", - "name": "Microsoft.Web/customApis/Move/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Joins a Custom API.", - "displayName": "Join Custom API", - "name": "Microsoft.Web/customApis/Join/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Extracts API definition from a WSDL.", - "displayName": "Extract API definition from WSDL", - "name": "Microsoft.Web/customApis/extractApiDefinitionFromWsdl/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Lists WSDL interfaces for a Custom API.", - "displayName": "List Custom API WSDL interfaces", - "name": "Microsoft.Web/customApis/listWsdlInterfaces/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Security Sensitive Settings", - "name": "Microsoft.Web/sites/config/list/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Update Web App's configuration settings", - "displayName": "Update Web App Configuration", - "name": "Microsoft.Web/sites/config/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps App Setting", - "displayName": "Delete Web Apps App Setting", - "name": "microsoft.web/sites/config/web/appsettings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create or Update Web App Single App setting", - "displayName": "Create or Update Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create the artifacts in a Logic App.", - "displayName": "Create the artifacts in a Logic App", - "name": "microsoft.web/sites/deployWorkflowArtifacts/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Function App's master key for admin operations", - "displayName": "Get Function App master key", - "name": "Microsoft.Web/sites/hostruntime/host/_master/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", - "displayName": "Perform Function App runtime action", - "name": "Microsoft.Web/sites/hostruntime/host/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Functions Keys.", - "displayName": "Get Web Apps Hostruntime Functions Keys", - "name": "microsoft.web/sites/hostruntime/functions/keys/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Host.", - "displayName": "Get Web Apps Hostruntime Host", - "name": "microsoft.web/sites/hostruntime/host/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", - "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Run Web Apps Hostruntime Workflow Trigger.", - "displayName": "Run Web Apps Hostruntime Workflow Trigger", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List logic app's connections by its ID in a Logic App.", - "displayName": "List logic app's connections by its ID in a Logic App", - "name": "microsoft.web/sites/listworkflowsconnections/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Publish a Web App", - "displayName": "Publish Web App", - "name": "Microsoft.Web/sites/publish/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create or Update Web App Slot's Single App setting", - "displayName": "Create or Update Web App Slot's Single App setting", - "name": "microsoft.web/sites/slots/config/appsettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Slot Security Sensitive Settings", - "name": "Microsoft.Web/sites/slots/config/list/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web App Slot's App Setting", - "displayName": "Delete Web App Slot's App Setting", - "name": "microsoft.web/sites/slots/config/web/appsettings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Create the artifacts in a deployment slot in a Logic App.", - "displayName": "Create the artifacts in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", - "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/listworkflowsconnections/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Publish a Web App Slot", - "displayName": "Publish Web App Slot", - "name": "Microsoft.Web/sites/slots/publish/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List the workflows in a Logic App.", - "displayName": "List the workflows in a Logic App", - "name": "microsoft.web/sites/workflows/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get logic app's configuration information by its ID in a Logic App.", - "displayName": "Get logic app's configuration information by its ID in a Logic App", - "name": "microsoft.web/sites/workflowsconfiguration/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" } ], "permittedDataActions": [], @@ -1140232,25 +1142605,7 @@ "Microsoft.Resources/subscriptions/operationresults/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Support/*", - "Microsoft.Web/*/read", - "Microsoft.Web/connections/*", - "Microsoft.Web/customApis/*", - "Microsoft.Web/sites/config/list/Action", - "microsoft.web/sites/config/Write", - "microsoft.web/sites/config/web/appsettings/delete", - "microsoft.web/sites/config/web/appsettings/write", - "microsoft.web/sites/deployWorkflowArtifacts/action", - "microsoft.web/sites/hostruntime/*", - "microsoft.web/sites/listworkflowsconnections/action", - "Microsoft.Web/sites/publish/Action", - "microsoft.web/sites/slots/config/appsettings/write", - "Microsoft.Web/sites/slots/config/list/Action", - "microsoft.web/sites/slots/config/web/appsettings/delete", - "microsoft.web/sites/slots/deployWorkflowArtifacts/action", - "microsoft.web/sites/slots/listworkflowsconnections/action", - "Microsoft.Web/sites/slots/publish/Action", - "microsoft.web/sites/workflows/*", - "microsoft.web/sites/workflowsconfiguration/*" + "Microsoft.Web/*/read" ], "condition": null, "conditionVersion": null, @@ -1140261,10 +1142616,10 @@ ] }, { - "description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.", + "description": "You can create and edit workflows, connections, and settings for a Standard logic app. You can't make changes outside the workflow scope.", "hasExternal": false, "hasUnknown": false, - "name": "Logic Apps Standard Contributor (Preview)", + "name": "Logic Apps Standard Developer (Preview)", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1142632,83 +1144987,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Get the list of certificates.", - "displayName": "Get Certificates", - "name": "Microsoft.Web/certificates/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Add a new certificate or update an existing one.", - "displayName": "Add or Update Certificate", - "name": "Microsoft.Web/certificates/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete an existing certificate.", - "displayName": "Delete Certificate", - "name": "Microsoft.Web/certificates/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Certificates Operation Results.", - "displayName": "Get Certificates Operation Results", - "name": "microsoft.web/certificates/operationresults/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get the list of Connection Gateways.", - "displayName": "Get Connection Gateways", - "name": "Microsoft.Web/connectionGateways/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Creates or updates a Connection Gateway.", - "displayName": "Add or Update Connection Gateways", - "name": "Microsoft.Web/connectionGateways/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Deletes a Connection Gateway.", - "displayName": "Delete Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Moves a Connection Gateway.", - "displayName": "Move Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Move/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Joins a Connection Gateway.", - "displayName": "Join Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Join/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Associates with a Connection Gateway.", - "displayName": "Associate with Connection Gateway", - "name": "Microsoft.Web/connectionGateways/Associate/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Lists status of a Connection Gateway.", - "displayName": "List Connection Gateway Status", - "name": "Microsoft.Web/connectionGateways/ListStatus/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get the list of Connections.", "displayName": "Get Connections", @@ -1142836,856 +1145114,964 @@ "providerName": "microsoft.web" }, { - "description": "Get the properties on an App Service Plan", - "displayName": "Get App Service Plan", - "name": "Microsoft.Web/serverfarms/Read", + "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Security Sensitive Settings", + "name": "Microsoft.Web/sites/config/list/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create a new App Service Plan or update an existing one", - "displayName": "Create or Update App Service Plan", - "name": "Microsoft.Web/serverfarms/Write", + "description": "Update Web App's configuration settings", + "displayName": "Update Web App Configuration", + "name": "Microsoft.Web/sites/config/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete an existing App Service Plan", - "displayName": "Delete App Service Plan", - "name": "Microsoft.Web/serverfarms/Delete", + "description": "Delete Web Apps App Setting", + "displayName": "Delete Web Apps App Setting", + "name": "microsoft.web/sites/config/web/appsettings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Joins an App Service Plan", - "displayName": "Join App Service Plan", - "name": "Microsoft.Web/serverfarms/Join/Action", + "description": "Create or Update Web App Single App setting", + "displayName": "Create or Update Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restart all Web Apps in an App Service Plan", - "displayName": "Restart Web Apps", - "name": "Microsoft.Web/serverfarms/restartSites/Action", + "description": "Create the artifacts in a Logic App.", + "displayName": "Create the artifacts in a Logic App", + "name": "microsoft.web/sites/deployWorkflowArtifacts/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Capabilities.", - "displayName": "Get App Service Plans Capabilities", - "name": "microsoft.web/serverfarms/capabilities/read", + "description": "Get Function App's master key for admin operations", + "displayName": "Get Function App master key", + "name": "Microsoft.Web/sites/hostruntime/host/_master/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete App Service Plans First Party Apps Settings.", - "displayName": "Delete App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/delete", + "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", + "displayName": "Perform Function App runtime action", + "name": "Microsoft.Web/sites/hostruntime/host/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans First Party Apps Settings.", - "displayName": "Get App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", + "description": "Get Web Apps Hostruntime Functions Keys.", + "displayName": "Get Web Apps Hostruntime Functions Keys", + "name": "microsoft.web/sites/hostruntime/functions/keys/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update App Service Plans First Party Apps Settings.", - "displayName": "Update App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/write", + "description": "Get Web Apps Hostruntime Host.", + "displayName": "Get Web Apps Hostruntime Host", + "name": "microsoft.web/sites/hostruntime/host/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/sites/read", + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Plan Limits.", - "displayName": "Get App Service Plans Hybrid Connection Plan Limits", - "name": "microsoft.web/serverfarms/hybridconnectionplanlimits/read", + "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", + "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Relays.", - "displayName": "Get App Service Plans Hybrid Connection Relays", - "name": "microsoft.web/serverfarms/hybridconnectionrelays/read", + "description": "Run Web Apps Hostruntime Workflow Trigger.", + "displayName": "Run Web Apps Hostruntime Workflow Trigger", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Metric Definitions.", - "displayName": "Get App Service Plans Metric Definitions", - "name": "microsoft.web/serverfarms/metricdefinitions/read", + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Metrics.", - "displayName": "Get App Service Plans Metrics", - "name": "microsoft.web/serverfarms/metrics/read", + "description": "List logic app's connections by its ID in a Logic App.", + "displayName": "List logic app's connections by its ID in a Logic App", + "name": "microsoft.web/sites/listworkflowsconnections/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Operation Results.", - "displayName": "Get App Service Plans Operation Results", - "name": "microsoft.web/serverfarms/operationresults/read", + "description": "Publish a Web App", + "displayName": "Publish Web App", + "name": "Microsoft.Web/sites/publish/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Web Apps.", - "displayName": "Get App Service Plans Web Apps", - "name": "microsoft.web/serverfarms/sites/read", + "description": "Create or Update Web App Slot's Single App setting", + "displayName": "Create or Update Web App Slot's Single App setting", + "name": "microsoft.web/sites/slots/config/appsettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans SKUs.", - "displayName": "Get App Service Plans SKUs", - "name": "microsoft.web/serverfarms/skus/read", + "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Slot Security Sensitive Settings", + "name": "Microsoft.Web/sites/slots/config/list/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Usages.", - "displayName": "Get App Service Plans Usages", - "name": "microsoft.web/serverfarms/usages/read", + "description": "Delete Web App Slot's App Setting", + "displayName": "Delete Web App Slot's App Setting", + "name": "microsoft.web/sites/slots/config/web/appsettings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update App Service Plans Virtual Network Connections Gateways.", - "displayName": "Update App Service Plans Virtual Network Connections Gateways", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/gateways/write", + "description": "Create the artifacts in a deployment slot in a Logic App.", + "displayName": "Create the artifacts in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Virtual Network Connections.", - "displayName": "Get App Service Plans Virtual Network Connections", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/read", + "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", + "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/listworkflowsconnections/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete App Service Plans Virtual Network Connections Routes.", - "displayName": "Delete App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/delete", + "description": "Publish a Web App Slot", + "displayName": "Publish Web App Slot", + "name": "Microsoft.Web/sites/slots/publish/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Virtual Network Connections Routes.", - "displayName": "Get App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/read", + "description": "List the workflows in a Logic App.", + "displayName": "List the workflows in a Logic App", + "name": "microsoft.web/sites/workflows/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get logic app's configuration information by its ID in a Logic App.", + "displayName": "Get logic app's configuration information by its ID in a Logic App", + "name": "microsoft.web/sites/workflowsconfiguration/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Support/*", + "Microsoft.Web/*/read", + "Microsoft.Web/connections/*", + "Microsoft.Web/customApis/*", + "Microsoft.Web/sites/config/list/Action", + "microsoft.web/sites/config/Write", + "microsoft.web/sites/config/web/appsettings/delete", + "microsoft.web/sites/config/web/appsettings/write", + "microsoft.web/sites/deployWorkflowArtifacts/action", + "microsoft.web/sites/hostruntime/*", + "microsoft.web/sites/listworkflowsconnections/action", + "Microsoft.Web/sites/publish/Action", + "microsoft.web/sites/slots/config/appsettings/write", + "Microsoft.Web/sites/slots/config/list/Action", + "microsoft.web/sites/slots/config/web/appsettings/delete", + "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "microsoft.web/sites/slots/listworkflowsconnections/action", + "Microsoft.Web/sites/slots/publish/Action", + "microsoft.web/sites/workflows/*", + "microsoft.web/sites/workflowsconfiguration/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "You can manage all aspects of a Standard logic app and workflows. You can't change access or ownership.", + "hasExternal": false, + "hasUnknown": false, + "name": "Logic Apps Standard Contributor (Preview)", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Update App Service Plans Virtual Network Connections Routes.", - "displayName": "Update App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Reboot App Service Plans Workers.", - "displayName": "Reboot App Service Plans Workers", - "name": "microsoft.web/serverfarms/workers/reboot/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Delete App Service Plans Hybrid Connection Namespaces Relays.", - "displayName": "Delete App Service Plans Hybrid Connection Namespaces Relays", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Gets the diagnostic setting for the resource", - "displayName": "Read diagnostic setting", - "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Creates or updates the diagnostic setting for the resource", - "displayName": "Write diagnostic setting", - "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Gets the available metrics for App Service Plan", - "displayName": "Read App Service Plan metric definitions", - "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Delete Event Grid Filter on server farm.", - "displayName": "Delete Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get Event Grid Filter on server farm.", - "displayName": "Get Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Put Event Grid Filter on server farm.", - "displayName": "Put Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get the list of recommendations for App Service Plan.", - "displayName": "Get recommendations for App Service Plan", - "name": "Microsoft.Web/serverfarms/recommendations/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get first party Azure Key vault referenced settings for App Service Plan.", - "displayName": "Get App Service Plan Key Vault first party settings", - "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Create or Update first party Azure Key vault referenced settings for App Service Plan.", - "displayName": "Create or Update App Service Plan Key Vault first party settings", - "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get the properties of a Web App", - "displayName": "Get Web App", - "name": "Microsoft.Web/sites/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Create a new Web App or update an existing one", - "displayName": "Create or Update Web App", - "name": "Microsoft.Web/sites/Write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Delete an existing Web App", - "displayName": "Delete Web App", - "name": "Microsoft.Web/sites/Delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Create a new web app backup", - "displayName": "Create Web App Backup", - "name": "Microsoft.Web/sites/backup/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Get publishing profile xml for a Web App", - "displayName": "Get Web App Publishing Profile", - "name": "Microsoft.Web/sites/publishxml/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Publish a Web App", - "displayName": "Publish Web App", - "name": "Microsoft.Web/sites/publish/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" }, { - "description": "Restart a Web App", - "displayName": "Restart Web App", - "name": "Microsoft.Web/sites/restart/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Start a Web App", - "displayName": "Start Web App", - "name": "Microsoft.Web/sites/start/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Start Dev Session for a Web App", - "displayName": "Start Dev Session for a Web App", - "name": "Microsoft.Web/sites/startDevSession/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Stop a Web App", - "displayName": "Stop Web App", - "name": "Microsoft.Web/sites/stop/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slotsswap/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Get differences in configuration between web app and slots", - "displayName": "Get Web App Slots Differences", - "name": "Microsoft.Web/sites/slotsdiffs/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Apply web app slot configuration from target slot to the current web app", - "displayName": "Apply Web App Configuration", - "name": "Microsoft.Web/sites/applySlotConfig/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" }, { - "description": "Reset web app configuration", - "displayName": "Reset Web App Configuration", - "name": "Microsoft.Web/sites/resetSlotConfig/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Approve Private Endpoint Connections", - "displayName": "Approve Private Endpoint Connections", - "name": "Microsoft.Web/sites/PrivateEndpointConnectionsApproval/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Create the artifacts in a Logic App.", - "displayName": "Create the artifacts in a Logic App", - "name": "microsoft.web/sites/deployWorkflowArtifacts/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "List logic app's connections by its ID in a Logic App.", - "displayName": "List logic app's connections by its ID in a Logic App", - "name": "microsoft.web/sites/listworkflowsconnections/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Registers Support Resource Provider", + "displayName": "Registers Support Resource Provider", + "name": "Microsoft.Support/register/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Functions Web Apps.", - "displayName": "Functions Web Apps", - "name": "microsoft.web/sites/functions/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Looks up resource Id for resource type", + "displayName": "Look Up Resource Id", + "name": "Microsoft.Support/lookUpResourceId/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "List Sync Function Trigger Status.", - "displayName": "List Web Apps Sync Function Trigger Status", - "name": "microsoft.web/sites/listsyncfunctiontriggerstatus/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Checks that name is valid and not in use for resource type", + "displayName": "Check Name Availability", + "name": "Microsoft.Support/checkNameAvailability/action", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Network Trace Web Apps.", - "displayName": "Network Trace Web Apps", - "name": "microsoft.web/sites/networktrace/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists one or all support tickets", + "displayName": "Reads Support Ticket", + "name": "Microsoft.Support/supportTickets/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Newpassword Web Apps.", - "displayName": "Newpassword Web Apps", - "name": "microsoft.web/sites/newpassword/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Allows creating and updating a support ticket", + "displayName": "Writes Support Ticket", + "name": "Microsoft.Support/supportTickets/write", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Sync Web Apps.", - "displayName": "Sync Web Apps", - "name": "microsoft.web/sites/sync/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists one or all Azure services available for support", + "displayName": "Reads Services", + "name": "Microsoft.Support/services/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Migrate MySql Web Apps.", - "displayName": "Migrate MySql Web Apps", - "name": "microsoft.web/sites/migratemysql/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists one or all problem classifications for an Azure service", + "displayName": "Reads Problem Classifications", + "name": "Microsoft.Support/services/problemClassifications/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Recover Web Apps.", - "displayName": "Recover Web Apps", - "name": "microsoft.web/sites/recover/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the result of the asynchronous operation", + "displayName": "Get Operation Result", + "name": "Microsoft.Support/operationresults/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Restore Web Apps Snapshots.", - "displayName": "Restore Web Apps Snapshots", - "name": "microsoft.web/sites/restoresnapshot/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Gets the status of the asynchronous operation", + "displayName": "Get Operation Status", + "name": "Microsoft.Support/operationsstatus/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Restore Web Apps From Deleted App.", - "displayName": "Restore Web Apps From Deleted App", - "name": "microsoft.web/sites/restorefromdeletedapp/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" + "description": "Lists all operations available on Microsoft.Support resource provider", + "displayName": "Lists operations", + "name": "Microsoft.Support/operations/read", + "providerDisplayName": "Microsoft Support", + "providerName": "Microsoft.Support" }, { - "description": "Sync Function Triggers.", - "displayName": "Sync Web Apps Function Triggers", - "name": "microsoft.web/sites/syncfunctiontriggers/action", + "description": "Get the properties of a Web App", + "displayName": "Get Web App", + "name": "Microsoft.Web/sites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Discovers an existing app backup that can be restored from a blob in Azure storage.", - "displayName": "Discovers an existing app backup", - "name": "microsoft.web/sites/backups/action", + "description": "Get the properties of a Web App deployment slot", + "displayName": "Get Web App Deployment Slot", + "name": "Microsoft.Web/sites/slots/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Zipped Container Logs for Web App.", - "displayName": "Get Zipped Container Logs for Web App", - "name": "microsoft.web/sites/containerlogs/action", + "description": "Get Web App Slot's configuration settings", + "displayName": "Get Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/config/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web App From Backup Blob.", - "displayName": "Restore Web App From Backup Blob", - "name": "microsoft.web/sites/restorefrombackupblob/action", + "description": "Get Web App configuration settings", + "displayName": "Get Web App Configuration", + "name": "Microsoft.Web/sites/config/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App backups.", - "displayName": "List Web App backups", - "name": "microsoft.web/sites/listbackups/action", + "description": "Get Web App's source control configuration settings", + "displayName": "Get Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Copy content from deployment slot.", - "displayName": "Copy content from deployment slot", - "name": "microsoft.web/sites/slotcopy/action", + "description": "Get Web App Slot's source control configuration settings", + "displayName": "Get Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create a new Web App Slot or update an existing one", - "displayName": "Create or Update Web App Slot", - "name": "Microsoft.Web/sites/slots/Write", + "description": "Get the properties of a web app's backup", + "displayName": "Get Web App Backup", + "name": "Microsoft.Web/sites/backups/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete an existing Web App Slot", - "displayName": "Delete Web App Slot", - "name": "Microsoft.Web/sites/slots/Delete", + "description": "Get the properties of a web app slots' backup", + "displayName": "List Web App Slot Backups", + "name": "Microsoft.Web/sites/slots/backups/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create new Web App Slot backup.", - "displayName": "Create Web App Slot Backup", - "name": "Microsoft.Web/sites/slots/backup/Action", + "description": "Get the properties on an App Service Plan", + "displayName": "Get App Service Plan", + "name": "Microsoft.Web/serverfarms/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get publishing profile xml for Web App Slot", - "displayName": "Get Web App Slot Publishing Profile", - "name": "Microsoft.Web/sites/slots/publishxml/Action", + "description": "Get the list of certificates.", + "displayName": "Get Certificates", + "name": "Microsoft.Web/certificates/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Publish a Web App Slot", - "displayName": "Publish Web App Slot", - "name": "Microsoft.Web/sites/slots/publish/Action", + "description": "Get the list of Geo regions.", + "displayName": "Get Geo Regions", + "name": "Microsoft.Web/geoRegions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restart a Web App Slot", - "displayName": "Restart Web App Slot", - "name": "Microsoft.Web/sites/slots/restart/Action", + "description": "Get names of sites assigned to hostname.", + "displayName": "Get sites assigned to hostname", + "name": "Microsoft.Web/listSitesAssignedToHostName/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Start a Web App Slot", - "displayName": "Start Web App Slot", - "name": "Microsoft.Web/sites/slots/start/Action", + "description": "Get the properties of an App Service Environment", + "displayName": "Get App Service Environment", + "name": "Microsoft.Web/hostingEnvironments/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Start Dev Session for Web App Slot", - "displayName": "Start Dev Session for Web App Slot", - "name": "Microsoft.Web/sites/slots/startDevSession/Action", + "description": "Get the properties of a FrontEnd Pool in an App Service Environment", + "displayName": "Get FrontEnd Pool", + "name": "Microsoft.Web/hostingEnvironments/multiRolePools/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Stop a Web App Slot", - "displayName": "Stop Web App Slot", - "name": "Microsoft.Web/sites/slots/stop/Action", + "description": "Get the properties of a Worker Pool in an App Service Environment", + "displayName": "Get Worker Pool", + "name": "Microsoft.Web/hostingEnvironments/workerPools/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slots/slotsswap/Action", + "description": "Get the list of Connections.", + "displayName": "Get Connections", + "name": "Microsoft.Web/connections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get differences in configuration between web app and slots", - "displayName": "Get Web App Slots Differences", - "name": "Microsoft.Web/sites/slots/slotsdiffs/Action", + "description": "Get the list of Custom API.", + "displayName": "Get Custom API", + "name": "Microsoft.Web/customApis/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Apply web app slot configuration from target slot to the current slot.", - "displayName": "Apply Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/applySlotConfig/Action", + "description": "Get the list of Connection Gateways.", + "displayName": "Get Connection Gateways", + "name": "Microsoft.Web/connectionGateways/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Reset web app slot configuration", - "displayName": "Reset Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/resetSlotConfig/Action", + "description": "Get the list of recommendations for subscriptions.", + "displayName": "Get recommendations", + "name": "Microsoft.Web/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Web App deployment slot", - "displayName": "Get Web App Deployment Slot", - "name": "Microsoft.Web/sites/slots/Read", + "description": "Get the list of recommendations for web app.", + "displayName": "Get recommendations for web app", + "name": "Microsoft.Web/sites/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create the artifacts in a deployment slot in a Logic App.", - "displayName": "Create the artifacts in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", + "description": "Get Available Stacks.", + "displayName": "Get Available Stacks", + "name": "microsoft.web/availablestacks/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", - "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/listworkflowsconnections/action", + "description": "Check if resource name is available.", + "displayName": "Get Check Name Availability", + "name": "microsoft.web/checknameavailability/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Sync Function Trigger Status for deployment slot.", - "displayName": "List Web Apps Sync Function Trigger Status for deployment slot", - "name": "microsoft.web/sites/slots/listsyncfunctiontriggerstatus/action", + "description": "Get Classic Mobile Services.", + "displayName": "Get Classic Mobile Services", + "name": "microsoft.web/classicmobileservices/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Newpassword Web Apps Slots.", - "displayName": "Newpassword Web Apps Slots", - "name": "microsoft.web/sites/slots/newpassword/action", + "description": "Get Deployment Locations.", + "displayName": "Get Deployment Locations", + "name": "microsoft.web/deploymentlocations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Web Apps Slots.", - "displayName": "Sync Web Apps Slots", - "name": "microsoft.web/sites/slots/sync/action", + "description": "Get Hosting Environments Capacities.", + "displayName": "Get Hosting Environments Capacities", + "name": "microsoft.web/hostingenvironments/capacities/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Function Triggers for deployment slot.", - "displayName": "Sync Web Apps Function Triggers for deployment slot", - "name": "microsoft.web/sites/slots/syncfunctiontriggers/action", + "description": "Get Hosting Environments Diagnostics.", + "displayName": "Get Hosting Environments Diagnostics", + "name": "microsoft.web/hostingenvironments/diagnostics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Network Trace Web Apps Slots.", - "displayName": "Network Trace Web Apps Slots", - "name": "microsoft.web/sites/slots/networktrace/action", + "description": "Get Hosting Environments Metric Definitions.", + "displayName": "Get Hosting Environments Metric Definitions", + "name": "microsoft.web/hostingenvironments/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Recover Web Apps Slots.", - "displayName": "Recover Web Apps Slots", - "name": "microsoft.web/sites/slots/recover/action", + "description": "Get Hosting Environments MultiRole Pools Metric Definitions.", + "displayName": "Get Hosting Environments MultiRole Pools Metric Definitions", + "name": "microsoft.web/hostingenvironments/multirolepools/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Slots Snapshots.", - "displayName": "Restore Web Apps Slots Snapshots", - "name": "microsoft.web/sites/slots/restoresnapshot/action", + "description": "Get Hosting Environments MultiRole Pools Metrics.", + "displayName": "Get Hosting Environments MultiRole Pools Metrics", + "name": "microsoft.web/hostingenvironments/multirolepools/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web App Slots From Deleted App.", - "displayName": "Restore Web App Slots From Deleted App", - "name": "microsoft.web/sites/slots/restorefromdeletedapp/action", + "description": "Get Hosting Environments MultiRole Pools SKUs.", + "displayName": "Get Hosting Environments MultiRole Pools SKUs", + "name": "microsoft.web/hostingenvironments/multirolepools/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Discover Web Apps Slots Backups.", - "displayName": "Discover Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/action", + "description": "Get Hosting Environments MultiRole Pools Usages.", + "displayName": "Get Hosting Environments MultiRole Pools Usages", + "name": "microsoft.web/hostingenvironments/multirolepools/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Zipped Container Logs for Web App Slot.", - "displayName": "Get Zipped Container Logs for Web App Slot", - "name": "microsoft.web/sites/slots/containerlogs/action", + "description": "Get Hosting Environments Operations.", + "displayName": "Get Hosting Environments Operations", + "name": "microsoft.web/hostingenvironments/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Slot From Backup Blob.", - "displayName": "Restore Web Apps Slot From Backup Blob", - "name": "microsoft.web/sites/slots/restorefrombackupblob/action", + "description": "Get Hosting Environments App Service Plans.", + "displayName": "Get Hosting Environments App Service Plans", + "name": "microsoft.web/hostingenvironments/serverfarms/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App Slot backups.", - "displayName": "List Web App Slot backups", - "name": "microsoft.web/sites/slots/listbackups/action", + "description": "Get Hosting Environments Web Apps.", + "displayName": "Get Hosting Environments Web Apps", + "name": "microsoft.web/hostingenvironments/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Copy content from one deployment slot to another.", - "displayName": "Copy content from one deployment slot to another", - "name": "microsoft.web/sites/slots/slotcopy/action", + "description": "Get Hosting Environments Usages.", + "displayName": "Get Hosting Environments Usages", + "name": "microsoft.web/hostingenvironments/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's configuration settings", - "displayName": "Get Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/config/Read", + "description": "Get Hosting Environments Workerpools Metric Definitions.", + "displayName": "Get Hosting Environments Workerpools Metric Definitions", + "name": "microsoft.web/hostingenvironments/workerpools/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Slot Security Sensitive Settings", - "name": "Microsoft.Web/sites/slots/config/list/Action", + "description": "Get Hosting Environments Workerpools Metrics.", + "displayName": "Get Hosting Environments Workerpools Metrics", + "name": "microsoft.web/hostingenvironments/workerpools/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App Slot's configuration settings", - "displayName": "Update Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/config/Write", + "description": "Get Hosting Environments Workerpools SKUs.", + "displayName": "Get Hosting Environments Workerpools SKUs", + "name": "microsoft.web/hostingenvironments/workerpools/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Config.", - "displayName": "Delete Web Apps Slots Config", - "name": "microsoft.web/sites/slots/config/delete", + "description": "Get Hosting Environments Workerpools Usages.", + "displayName": "Get Hosting Environments Workerpools Usages", + "name": "microsoft.web/hostingenvironments/workerpools/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Validate upgrade path for Web App.", - "displayName": "Validate upgrade path for Web App", - "name": "microsoft.web/sites/slots/config/validateupgradepath/action", + "description": "Get if Hosting Environment Name is available.", + "displayName": "Check if Hosting Environment Name is available", + "name": "microsoft.web/ishostingenvironmentnameavailable/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App configuration settings", - "displayName": "Get Web App Configuration", - "name": "Microsoft.Web/sites/config/Read", + "description": "Check if Hostname is Available.", + "displayName": "Check if Hostname is Available", + "name": "microsoft.web/ishostnameavailable/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", - "displayName": "List Web App Security Sensitive Settings", - "name": "Microsoft.Web/sites/config/list/Action", + "description": "Check if Username is available.", + "displayName": "Check if Username is available", + "name": "microsoft.web/isusernameavailable/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App's configuration settings", - "displayName": "Update Web App Configuration", - "name": "Microsoft.Web/sites/config/Write", + "description": "Get Locations API Operations.", + "displayName": "Get Locations API Operations", + "name": "microsoft.web/locations/apioperations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Config.", - "displayName": "Delete Web Apps Config", - "name": "microsoft.web/sites/config/delete", + "description": "Get Locations Connection Gateway Installations.", + "displayName": "Get Locations Connection Gateway Installations", + "name": "microsoft.web/locations/connectiongatewayinstallations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App's source control configuration settings", - "displayName": "Get Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Read", + "description": "Get Locations Managed APIs.", + "displayName": "Get Locations Managed APIs", + "name": "microsoft.web/locations/managedapis/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App's source control configuration settings", - "displayName": "Update Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Write", + "description": "Get Locations Managed API Operations.", + "displayName": "Get Locations Managed API Operations", + "name": "microsoft.web/locations/managedapis/apioperations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App's source control configuration settings", - "displayName": "Delete Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Delete", + "description": "Get Operations.", + "displayName": "Get Operations", + "name": "microsoft.web/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's source control configuration settings", - "displayName": "Get Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", + "description": "Get Publishing Users.", + "displayName": "Get Publishing Users", + "name": "microsoft.web/publishingusers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web App Slot's source control configuration settings", - "displayName": "Update Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Write", + "description": "Get App Service Plans Capabilities.", + "displayName": "Get App Service Plans Capabilities", + "name": "microsoft.web/serverfarms/capabilities/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Slot's source control configuration settings", - "displayName": "Delete Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Delete", + "description": "Get App Service Plans First Party Apps Settings.", + "displayName": "Get App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a web app's backup", - "displayName": "Get Web App Backup", - "name": "Microsoft.Web/sites/backups/Read", + "description": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Backups.", - "displayName": "List Web Apps Backups", - "name": "microsoft.web/sites/backups/list/action", + "description": "Get App Service Plans Hybrid Connection Plan Limits.", + "displayName": "Get App Service Plans Hybrid Connection Plan Limits", + "name": "microsoft.web/serverfarms/hybridconnectionplanlimits/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Backups.", - "displayName": "Restore Web Apps Backups", - "name": "microsoft.web/sites/backups/restore/action", + "description": "Get App Service Plans Hybrid Connection Relays.", + "displayName": "Get App Service Plans Hybrid Connection Relays", + "name": "microsoft.web/serverfarms/hybridconnectionrelays/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Backups.", - "displayName": "Delete Web Apps Backups", - "name": "microsoft.web/sites/backups/delete", + "description": "Get App Service Plans Metric Definitions.", + "displayName": "Get App Service Plans Metric Definitions", + "name": "microsoft.web/serverfarms/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Backups.", - "displayName": "Update Web Apps Backups", - "name": "microsoft.web/sites/backups/write", + "description": "Get App Service Plans Metrics.", + "displayName": "Get App Service Plans Metrics", + "name": "microsoft.web/serverfarms/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a web app slots' backup", - "displayName": "List Web App Slot Backups", - "name": "Microsoft.Web/sites/slots/backups/Read", + "description": "Get App Service Plans Operation Results.", + "displayName": "Get App Service Plans Operation Results", + "name": "microsoft.web/serverfarms/operationresults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Slots Backups.", - "displayName": "List Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/list/action", + "description": "Get App Service Plans Web Apps.", + "displayName": "Get App Service Plans Web Apps", + "name": "microsoft.web/serverfarms/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restore Web Apps Slots Backups.", - "displayName": "Restore Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/restore/action", + "description": "Get App Service Plans SKUs.", + "displayName": "Get App Service Plans SKUs", + "name": "microsoft.web/serverfarms/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Backups.", - "displayName": "Delete Web Apps Slots Backups", - "name": "microsoft.web/sites/slots/backups/delete", + "description": "Get App Service Plans Usages.", + "displayName": "Get App Service Plans Usages", + "name": "microsoft.web/serverfarms/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of recommendations for web app.", - "displayName": "Get recommendations for web app", - "name": "Microsoft.Web/sites/recommendations/Read", + "description": "Get App Service Plans Virtual Network Connections.", + "displayName": "Get App Service Plans Virtual Network Connections", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Disable Web Apps Recommendations.", - "displayName": "Disable Web Apps Recommendations", - "name": "microsoft.web/sites/recommendations/disable/action", + "description": "Get App Service Plans Virtual Network Connections Routes.", + "displayName": "Get App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1143703,20 +1146089,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Backup.", - "displayName": "Update Web Apps Backup", - "name": "microsoft.web/sites/backup/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Continuous Web Jobs.", - "displayName": "Delete Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Continuous Web Jobs.", "displayName": "Get Web Apps Continuous Web Jobs", @@ -1143724,27 +1146096,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Start Web Apps Continuous Web Jobs.", - "displayName": "Start Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/start/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop Web Apps Continuous Web Jobs.", - "displayName": "Stop Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/stop/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Deployments.", - "displayName": "Delete Web Apps Deployments", - "name": "microsoft.web/sites/deployments/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Deployments.", "displayName": "Get Web Apps Deployments", @@ -1143752,13 +1146103,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Deployments.", - "displayName": "Update Web Apps Deployments", - "name": "microsoft.web/sites/deployments/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Deployments Log.", "displayName": "Get Web Apps Deployments Log", @@ -1143850,41 +1146194,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Domain Ownership Identifiers.", - "displayName": "Update Web Apps Domain Ownership Identifiers", - "name": "microsoft.web/sites/domainownershipidentifiers/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Domain Ownership Identifiers.", - "displayName": "Delete Web Apps Domain Ownership Identifiers", - "name": "microsoft.web/sites/domainownershipidentifiers/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Functions.", - "displayName": "Delete Web Apps Functions", - "name": "microsoft.web/sites/functions/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Function secrets.", - "displayName": "List Web Apps Functions Secrets", - "name": "microsoft.web/sites/functions/listsecrets/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Function keys.", - "displayName": "List Web Apps Functions Keys", - "name": "microsoft.web/sites/functions/listkeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Functions.", "displayName": "Get Web Apps Functions", @@ -1143892,20 +1146201,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Functions.", - "displayName": "Update Web Apps Functions", - "name": "microsoft.web/sites/functions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Hostname Bindings.", - "displayName": "Delete Web Apps Hostname Bindings", - "name": "microsoft.web/sites/hostnamebindings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hostname Bindings.", "displayName": "Get Web Apps Hostname Bindings", @@ -1143913,20 +1146208,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Hostname Bindings.", - "displayName": "Update Web Apps Hostname Bindings", - "name": "microsoft.web/sites/hostnamebindings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Hybrid Connection.", - "displayName": "Delete Web Apps Hybrid Connection", - "name": "microsoft.web/sites/hybridconnection/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hybrid Connection.", "displayName": "Get Web Apps Hybrid Connection", @@ -1143934,13 +1146215,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Hybrid Connection.", - "displayName": "Update Web Apps Hybrid Connection", - "name": "microsoft.web/sites/hybridconnection/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hybrid Connection Relays.", "displayName": "Get Web Apps Hybrid Connection Relays", @@ -1143955,20 +1146229,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Instances Deployments.", - "displayName": "Delete Web Apps Instances Deployments", - "name": "microsoft.web/sites/instances/deployments/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Instances Processes.", - "displayName": "Delete Web Apps Instances Processes", - "name": "microsoft.web/sites/instances/processes/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances Processes.", "displayName": "Get Web Apps Instances Processes", @@ -1144011,13 +1146271,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Premier Addons.", - "displayName": "Delete Web Apps Premier Addons", - "name": "microsoft.web/sites/premieraddons/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Premier Addons.", "displayName": "Get Web Apps Premier Addons", @@ -1144025,13 +1146278,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Premier Addons.", - "displayName": "Update Web Apps Premier Addons", - "name": "microsoft.web/sites/premieraddons/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Publishing XML.", "displayName": "Get Web Apps Publishing XML", @@ -1144053,13 +1146299,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Restore Web Apps.", - "displayName": "Restore Web Apps", - "name": "microsoft.web/sites/restore/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Analyze Custom Hostname.", "displayName": "Get Web Apps Slots Analyze Custom Hostname", @@ -1144067,13 +1146306,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Backup.", - "displayName": "Update Web Apps Slots Backup", - "name": "microsoft.web/sites/slots/backup/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Backup.", "displayName": "Get Web Apps Slots Backup", @@ -1144081,13 +1146313,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Continuous Web Jobs.", - "displayName": "Delete Web Apps Slots Continuous Web Jobs", - "name": "microsoft.web/sites/slots/continuouswebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Continuous Web Jobs.", "displayName": "Get Web Apps Slots Continuous Web Jobs", @@ -1144095,27 +1146320,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Start Web Apps Slots Continuous Web Jobs.", - "displayName": "Start Web Apps Slots Continuous Web Jobs", - "name": "microsoft.web/sites/slots/continuouswebjobs/start/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Stop Web Apps Slots Continuous Web Jobs.", - "displayName": "Stop Web Apps Slots Continuous Web Jobs", - "name": "microsoft.web/sites/slots/continuouswebjobs/stop/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Deployments.", - "displayName": "Delete Web Apps Slots Deployments", - "name": "microsoft.web/sites/slots/deployments/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Deployments.", "displayName": "Get Web Apps Slots Deployments", @@ -1144123,13 +1146327,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Deployments.", - "displayName": "Update Web Apps Slots Deployments", - "name": "microsoft.web/sites/slots/deployments/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Deployments Log.", "displayName": "Get Web Apps Slots Deployments Log", @@ -1144137,13 +1146334,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Hostname Bindings.", - "displayName": "Delete Web Apps Slots Hostname Bindings", - "name": "microsoft.web/sites/slots/hostnamebindings/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Hostname Bindings.", "displayName": "Get Web Apps Slots Hostname Bindings", @@ -1144151,20 +1146341,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Hostname Bindings.", - "displayName": "Update Web Apps Slots Hostname Bindings", - "name": "microsoft.web/sites/slots/hostnamebindings/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Hybrid Connection.", - "displayName": "Delete Web Apps Slots Hybrid Connection", - "name": "microsoft.web/sites/slots/hybridconnection/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Hybrid Connection.", "displayName": "Get Web Apps Slots Hybrid Connection", @@ -1144172,13 +1146348,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Hybrid Connection.", - "displayName": "Update Web Apps Slots Hybrid Connection", - "name": "microsoft.web/sites/slots/hybridconnection/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Instances Deployments.", "displayName": "Get Web Apps Slots Instances Deployments", @@ -1144193,13 +1146362,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Instances Processes.", - "displayName": "Delete Web Apps Slots Instances Processes", - "name": "microsoft.web/sites/slots/instances/processes/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Instances.", "displayName": "Get Web Apps Slots Instances", @@ -1144235,13 +1146397,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Premier Addons.", - "displayName": "Delete Web Apps Slots Premier Addons", - "name": "microsoft.web/sites/slots/premieraddons/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Premier Addons.", "displayName": "Get Web Apps Slots Premier Addons", @@ -1144249,13 +1146404,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Premier Addons.", - "displayName": "Update Web Apps Slots Premier Addons", - "name": "microsoft.web/sites/slots/premieraddons/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Restore.", "displayName": "Get Web Apps Slots Restore", @@ -1144263,20 +1146411,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Restore Web Apps Slots.", - "displayName": "Restore Web Apps Slots", - "name": "microsoft.web/sites/slots/restore/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Delete Web Apps Slots Triggered WebJobs.", - "displayName": "Delete Web Apps Slots Triggered WebJobs", - "name": "microsoft.web/sites/slots/triggeredwebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Triggered WebJobs.", "displayName": "Get Web Apps Slots Triggered WebJobs", @@ -1144284,13 +1146418,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Slots Triggered WebJobs.", - "displayName": "Run Web Apps Slots Triggered WebJobs", - "name": "microsoft.web/sites/slots/triggeredwebjobs/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Usages.", "displayName": "Get Web Apps Slots Usages", @@ -1144298,13 +1146425,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Virtual Network Connections.", - "displayName": "Delete Web Apps Slots Virtual Network Connections", - "name": "microsoft.web/sites/slots/virtualnetworkconnections/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Virtual Network Connections.", "displayName": "Get Web Apps Slots Virtual Network Connections", @@ -1144312,20 +1146432,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Virtual Network Connections.", - "displayName": "Update Web Apps Slots Virtual Network Connections", - "name": "microsoft.web/sites/slots/virtualnetworkconnections/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Update Web Apps Slots Virtual Network Connections Gateways.", - "displayName": "Update Web Apps Slots Virtual Network Connections Gateways", - "name": "microsoft.web/sites/slots/virtualnetworkconnections/gateways/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots WebJobs.", "displayName": "Get Web Apps Slots WebJobs", @@ -1144340,13 +1146446,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Triggered WebJobs.", - "displayName": "Delete Web Apps Triggered WebJobs", - "name": "microsoft.web/sites/triggeredwebjobs/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Triggered WebJobs.", "displayName": "Get Web Apps Triggered WebJobs", @@ -1144354,13 +1146453,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Triggered WebJobs.", - "displayName": "Run Web Apps Triggered WebJobs", - "name": "microsoft.web/sites/triggeredwebjobs/run/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Usages.", "displayName": "Get Web Apps Usages", @@ -1144368,13 +1146460,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Virtual Network Connections.", - "displayName": "Delete Web Apps Virtual Network Connections", - "name": "microsoft.web/sites/virtualnetworkconnections/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Virtual Network Connections.", "displayName": "Get Web Apps Virtual Network Connections", @@ -1144382,13 +1146467,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Virtual Network Connections.", - "displayName": "Update Web Apps Virtual Network Connections", - "name": "microsoft.web/sites/virtualnetworkconnections/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Virtual Network Connections Gateways.", "displayName": "Get Web Apps Virtual Network Connections Gateways", @@ -1144396,13 +1146474,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Virtual Network Connections Gateways.", - "displayName": "Update Web Apps Virtual Network Connections Gateways", - "name": "microsoft.web/sites/virtualnetworkconnections/gateways/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps WebJobs.", "displayName": "Get Web Apps WebJobs", @@ -1144411,23 +1146482,23 @@ "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Hybrid Connection Namespaces Relays.", - "displayName": "Delete Web Apps Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/delete", + "description": "Get SKUs.", + "displayName": "Get SKUs", + "name": "microsoft.web/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Keys Web Apps Hybrid Connection Namespaces Relays.", - "displayName": "List Keys Web Apps Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/listkeys/action", + "description": "Get Source Controls.", + "displayName": "Get Source Controls", + "name": "microsoft.web/sourcecontrols/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Hybrid Connection Namespaces Relays.", - "displayName": "Update Web Apps Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/write", + "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1144453,9 +1146524,9 @@ "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Site Extensions.", - "displayName": "Delete Web Apps Site Extensions", - "name": "microsoft.web/sites/siteextensions/delete", + "description": "Get the properties of a Deleted Web App", + "displayName": "Get Deleted Web App", + "name": "Microsoft.Web/deletedSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1144466,13 +1146537,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Site Extensions.", - "displayName": "Update Web Apps Site Extensions", - "name": "microsoft.web/sites/siteextensions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Hybrid Connection Relays.", "displayName": "Get Web Apps Slots Hybrid Connection Relays", @@ -1144480,13 +1146544,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Slots Site Extensions.", - "displayName": "Delete Web Apps Slots Site Extensions", - "name": "microsoft.web/sites/slots/siteextensions/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Site Extensions.", "displayName": "Get Web Apps Slots Site Extensions", @@ -1144494,13 +1146551,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Slots Site Extensions.", - "displayName": "Update Web Apps Slots Site Extensions", - "name": "microsoft.web/sites/slots/siteextensions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Snapshots.", "displayName": "Get Web Apps Slots Snapshots", @@ -1144614,51 +1146664,79 @@ "providerName": "microsoft.web" }, { - "description": "Update Web App Slots Domain Ownership Identifiers.", - "displayName": "Update Web App Slots Domain Ownership Identifiers", - "name": "microsoft.web/sites/slots/domainownershipidentifiers/write", + "description": "Get Web Apps Slots Operations.", + "displayName": "Get Web Apps Slots Operations", + "name": "microsoft.web/sites/slots/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Slots Domain Ownership Identifiers.", - "displayName": "Delete Web App Slots Ownership Identifiers", - "name": "microsoft.web/sites/slots/domainownershipidentifiers/delete", + "description": "Get Web Apps Slots Performance Counters.", + "displayName": "Get Web Apps Slots Performance Counters", + "name": "microsoft.web/sites/slots/perfcounters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Hybrid Connection Namespaces Relays.", - "displayName": "Delete Web Apps Slots Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/delete", + "description": "Get Web Apps Slots Resource Health Metadata.", + "displayName": "Get Web Apps Slots Resource Health Metadata", + "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Slots Hybrid Connection Namespaces Relays.", - "displayName": "Update Web Apps Slots Hybrid Connection Namespaces Relays", - "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/write", + "description": "Get Api Management Accounts Apiacls.", + "displayName": "Get Api Management Accounts Apiacls", + "name": "microsoft.web/apimanagementaccounts/apiacls/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Operations.", - "displayName": "Get Web Apps Slots Operations", - "name": "microsoft.web/sites/slots/operations/read", + "description": "Get Api Management Accounts APIs Connections.", + "displayName": "Get Api Management Accounts APIs Connections", + "name": "microsoft.web/apimanagementaccounts/apis/connections/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Performance Counters.", - "displayName": "Get Web Apps Slots Performance Counters", - "name": "microsoft.web/sites/slots/perfcounters/read", + "description": "Get Api Management Accounts APIs.", + "displayName": "Get Api Management Accounts APIs", + "name": "microsoft.web/apimanagementaccounts/apis/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Resource Health Metadata.", - "displayName": "Get Web Apps Slots Resource Health Metadata", - "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", + "description": "Get Api Management Accounts Connectionacls.", + "displayName": "Get Api Management Accounts Connectionacls", + "name": "microsoft.web/apimanagementaccounts/connectionacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Apiacls.", + "displayName": "Get Api Management Accounts APIs Apiacls", + "name": "microsoft.web/apimanagementaccounts/apis/apiacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Connectionacls.", + "displayName": "Get Api Management Accounts APIs Connectionacls", + "name": "microsoft.web/apimanagementaccounts/apis/connectionacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Connections Connectionacls.", + "displayName": "Get Api Management Accounts APIs Connections Connectionacls", + "name": "microsoft.web/apimanagementaccounts/apis/connections/connectionacls/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Api Management Accounts APIs Localized Definitions.", + "displayName": "Get Api Management Accounts APIs Localized Definitions", + "name": "microsoft.web/apimanagementaccounts/apis/localizeddefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1144760,13 +1146838,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Public Certificates.", - "displayName": "Delete Web Apps Public Certificates", - "name": "microsoft.web/sites/publiccertificates/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Public Certificates.", "displayName": "Get Web Apps Public Certificates", @@ -1144774,13 +1146845,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Public Certificates.", - "displayName": "Update Web Apps Public Certificates", - "name": "microsoft.web/sites/publiccertificates/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Diagnostics Autoheal.", "displayName": "Get Web Apps Diagnostics Autoheal", @@ -1144831,23 +1146895,30 @@ "providerName": "microsoft.web" }, { - "description": "Creates or updates the diagnostic setting for the resource", - "displayName": "Write diagnostic setting", - "name": "microsoft.web/sites/providers/Microsoft.Insights/diagnosticSettings/write", + "description": "Gets the diagnostic setting for the resource", + "displayName": "Read diagnostic setting", + "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { "description": "Gets the diagnostic setting for the resource", "displayName": "Read diagnostic setting", - "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", + "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Creates or updates the diagnostic setting for the resource", - "displayName": "Write diagnostic setting", - "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/write", + "description": "Gets the diagnostic setting for the resource", + "displayName": "Read diagnostic setting", + "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/diagnosticSettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get list of billing meters.", + "displayName": "Read billing meters", + "name": "microsoft.web/billingmeters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1144865,13 +1146936,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Diagnostics Detector.", - "displayName": "Run Web Apps Diagnostics Detector", - "name": "microsoft.web/sites/diagnostics/detectors/execute/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Diagnostics Analysis.", "displayName": "Get Web Apps Diagnostics Analysis", @@ -1144879,13 +1146943,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Diagnostics Analysis.", - "displayName": "Run Web Apps Diagnostics Analysis", - "name": "microsoft.web/sites/diagnostics/analyses/execute/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Diagnostics Analysis.", "displayName": "Get Web Apps Slots Diagnostics Analysis", @@ -1144893,13 +1146950,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Run Web Apps Slots Diagnostics Analysis.", - "displayName": "Run Web Apps Slots Diagnostics Analysis", - "name": "microsoft.web/sites/slots/diagnostics/analyses/execute/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Diagnostics Detector.", "displayName": "Get Web Apps Slots Diagnostics Detector", @@ -1144908,9 +1146958,9 @@ "providerName": "microsoft.web" }, { - "description": "Run Web Apps Slots Diagnostics Detector.", - "displayName": "Run Web Apps Slots Diagnostics Detector", - "name": "microsoft.web/sites/slots/diagnostics/detectors/execute/Action", + "description": "Get Resource Health Metadata.", + "displayName": "Get Resource Health Metadata", + "name": "microsoft.web/resourcehealthmetadata/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1144922,16 +1146972,16 @@ "providerName": "microsoft.web" }, { - "description": "Create or Update Web Apps Slots Public Certificates.", - "displayName": "Write Web Apps Slots Public Certificates", - "name": "microsoft.web/sites/slots/publiccertificates/write", + "description": "Get the network endpoints of all inbound dependencies.", + "displayName": "Get the network endpoints of all inbound dependencies", + "name": "microsoft.web/hostingenvironments/inboundnetworkdependenciesendpoints/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps Slots Public Certificates.", - "displayName": "Delete Web Apps Slots Public Certificates", - "name": "microsoft.web/sites/slots/publiccertificates/delete", + "description": "Get the network endpoints of all outbound dependencies.", + "displayName": "Get the network endpoints of all outbound dependencies", + "name": "microsoft.web/hostingenvironments/outboundnetworkdependenciesendpoints/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1144949,6 +1146999,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Get Hosting Environments Detectors.", + "displayName": "Get Hosting Environments Detectors", + "name": "microsoft.web/hostingenvironments/detectors/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Detectors.", "displayName": "Get Web Apps Detectors", @@ -1144956,6 +1147013,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Gets the available metrics for App Service Plan", + "displayName": "Read App Service Plan metric definitions", + "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Gets the available metrics for Web App", "displayName": "Read Web App metric definitions", @@ -1144970,6 +1147034,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Gets the available metrics for App Service Environment MultiRole", + "displayName": "Read App Service Environment MultiRole metric definitions", + "name": "Microsoft.Web/hostingEnvironments/multiRolePools/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Gets the available metrics for App Service Environment WorkerPool", + "displayName": "Read App Service Environment WorkerPool metric definitions", + "name": "Microsoft.Web/hostingEnvironments/workerPools/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances Processes Threads.", "displayName": "Get Web Apps Instances Processes Threads", @@ -1144998,13 +1147076,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", - "displayName": "Perform Function App runtime action", - "name": "Microsoft.Web/sites/hostruntime/host/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Config Snapshots.", "displayName": "Get Web Apps Config Snapshots", @@ -1145012,20 +1147083,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Web Apps List Secrets From Snapshot.", - "displayName": "Web Apps List Secrets From Snapshot", - "name": "microsoft.web/sites/config/snapshots/listsecrets/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List Function keys.", - "displayName": "List Web Apps Functions Keys", - "name": "microsoft.web/sites/slots/functions/listkeys/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Functions.", "displayName": "Get Web Apps Slots Functions", @@ -1145033,20 +1147090,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "List Secrets Web Apps Slots Functions.", - "displayName": "List Secrets Web Apps Slots Functions", - "name": "microsoft.web/sites/slots/functions/listsecrets/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Download Web Apps Container Logs.", - "displayName": "Download Web Apps Container Logs", - "name": "microsoft.web/sites/containerlogs/download/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Hostruntime Functions Keys.", "displayName": "Get Web Apps Hostruntime Functions Keys", @@ -1145068,13 +1147111,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Download Web Apps Slots Container Logs.", - "displayName": "Download Web Apps Slots Container Logs", - "name": "microsoft.web/sites/slots/containerlogs/download/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Slots Processes.", "displayName": "Get Web Apps Slots Processes", @@ -1145110,13 +1147146,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Delete Web Apps Site Extensions.", - "displayName": "Delete Web Apps Site Extensions", - "name": "microsoft.web/sites/extensions/delete", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Site Extensions.", "displayName": "Get Web Apps Site Extensions", @@ -1145124,20 +1147153,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Update Web Apps Site Extensions.", - "displayName": "Update Web Apps Site Extensions", - "name": "microsoft.web/sites/extensions/write", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Invoke App Service Extensions APIs.", - "displayName": "Invoke App Service Extensions APIs", - "name": "microsoft.web/sites/extensions/api/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances Extensions.", "displayName": "Get Web Apps Instances Extensions", @@ -1145159,6 +1147174,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Read hosting environments log definitions", + "displayName": "Read hosting environments log definitions", + "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/logDefinitions/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Read Private Endpoint Connection Proxies", "displayName": "Read Private Endpoint Connection Proxies", @@ -1145167,37 +1147189,37 @@ "providerName": "microsoft.web" }, { - "description": "Create or Update Private Endpoint Connection Proxies", - "displayName": "Create or Update Private Endpoint Connection Proxies", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Write", + "description": "Read Private Endpoint Connection Proxies", + "displayName": "Read Private Endpoint Connection Proxies", + "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Private Endpoint Connection Proxies", - "displayName": "Delete Private Endpoint Connection Proxies", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Delete", + "description": "Read Private Endpoint Connection Proxy Operations", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Validate Private Endpoint Connection Proxies", - "displayName": "Validate Private Endpoint Connection Proxies", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/validate/action", + "description": "Read Private Endpoint Connection Proxy Operations", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", + "description": "Get Operations.", + "displayName": "Get Operations", + "name": "microsoft.web/locations/operationResults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Event Grid Filter on web app.", - "displayName": "Delete Event Grid Filter on web app", - "name": "Microsoft.Web/sites/eventGridFilters/delete", + "description": "Get Operations.", + "displayName": "Get Operations", + "name": "microsoft.web/locations/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1145209,289 +1147231,289 @@ "providerName": "microsoft.web" }, { - "description": "Put Event Grid Filter on web app.", - "displayName": "Put Event Grid Filter on web app", - "name": "Microsoft.Web/sites/eventGridFilters/write", + "description": "Get Event Grid Filter on server farm.", + "displayName": "Get Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Function keys.", - "displayName": "Update Web Apps Functions Keys", - "name": "microsoft.web/sites/functions/keys/write", + "description": "Get Event Grid Filter on hosting environment.", + "displayName": "Get Event Grid Filter on hosting environment", + "name": "Microsoft.Web/hostingEnvironments/eventGridFilters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Function keys.", - "displayName": "Delete Web Apps Functions Keys", - "name": "microsoft.web/sites/functions/keys/delete", + "description": "Get Web Apps Slots Extensions.", + "displayName": "Get Web Apps Slots Extensions", + "name": "microsoft.web/sites/slots/extensions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Functions Host keys.", - "displayName": "List Web Apps Functions Host Keys", - "name": "microsoft.web/sites/host/listkeys/action", + "description": "Get the health details of an App Service Environment.", + "displayName": "Get the health details of an App Service Environment", + "name": "microsoft.web/hostingenvironments/health/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Function Triggers.", - "displayName": "Sync Web Apps Function Triggers", - "name": "microsoft.web/sites/host/sync/action", + "description": "Get the properties of a Static Site", + "displayName": "Get Static Site", + "name": "Microsoft.Web/staticSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Sync Function Triggers Status.", - "displayName": "List Web Apps Sync Function Triggers Status", - "name": "microsoft.web/sites/host/listsyncstatus/action", + "description": "List the custom domains for a Static Site", + "displayName": "List Static Site Custom Domains", + "name": "Microsoft.Web/staticSites/customdomains/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host Function keys.", - "displayName": "Update Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/host/functionkeys/write", + "description": "Get a build for a Static Site", + "displayName": "Get Static Site Build", + "name": "Microsoft.Web/staticSites/build/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host Function keys.", - "displayName": "Delete Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/host/functionkeys/delete", + "description": "List the functions for a Static Site", + "displayName": "List Static Site Functions", + "name": "Microsoft.Web/staticSites/functions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host System keys.", - "displayName": "Update Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/host/systemkeys/write", + "description": "Get App Service Network Configuration.", + "displayName": "Get App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host System keys.", - "displayName": "Delete Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/host/systemkeys/delete", + "description": "List which publishing methods are allowed for a Web App", + "displayName": "List Web App Publishing Credentials Policies", + "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Extensions.", - "displayName": "Get Web Apps Slots Extensions", - "name": "microsoft.web/sites/slots/extensions/read", + "description": "List which publishing credentials are allowed for a Web App Slot", + "displayName": "List Web App Slot Publishing Credentials Policies", + "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Web Apps Slots Extensions.", - "displayName": "Update Web Apps Slots Extensions", - "name": "microsoft.web/sites/slots/extensions/write", + "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Invoke App Service Slots Extensions APIs.", - "displayName": "Invoke App Service Slots Extensions APIs.", - "name": "microsoft.web/sites/slots/extensions/api/action", + "description": "Get Private Link Resources.", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/sites/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Function keys.", - "displayName": "Update Web Apps Functions Keys", - "name": "microsoft.web/sites/slots/functions/keys/write", + "description": "Gets the available metrics for Static Site", + "displayName": "Read Static Site metric definitions", + "name": "Microsoft.Web/staticSites/providers/Microsoft.Insights/metricDefinitions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Function keys.", - "displayName": "Delete Web Apps Functions Keys", - "name": "microsoft.web/sites/slots/functions/keys/delete", + "description": "Get Private Endpoint Connection Proxies for a Static Site", + "displayName": "Get Private Endpoint Connection Proxies", + "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Functions Host keys.", - "displayName": "List Web Apps Functions Host Keys", - "name": "microsoft.web/sites/slots/host/listkeys/action", + "description": "Read Private Endpoint Connection Proxy Operations for a Static Site", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Sync Function Triggers.", - "displayName": "Sync Web Apps Function Triggers", - "name": "microsoft.web/sites/slots/host/sync/action", + "description": "Get a private endpoint connection or the list of private endpoint connections for a static site", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/staticSites/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host Function keys.", - "displayName": "Update Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/slots/host/functionkeys/write", + "description": "Get Private Link Resources", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/staticSites/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host Function keys.", - "displayName": "Delete Web Apps Functions Host Function Keys", - "name": "microsoft.web/sites/slots/host/functionkeys/delete", + "description": "Get a private endpoint connection or the list of private endpoint connections.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update Functions Host System keys.", - "displayName": "Update Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/slots/host/systemkeys/write", + "description": "Get Private Link Resources.", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/hostingEnvironments/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Functions Host System keys.", - "displayName": "Delete Web Apps Functions Host System Keys", - "name": "microsoft.web/sites/slots/host/systemkeys/delete", + "description": "Get the properties of a Kubernetes Environment", + "displayName": "Get Kubernetes Environment", + "name": "Microsoft.Web/kubeEnvironments/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Network Configuration.", - "displayName": "Get App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/read", + "description": "Get the operations for a Kubernetes Environment", + "displayName": "Get Kubernetes Environment Operations", + "name": "Microsoft.Web/kubeEnvironments/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update App Service Network Configuration.", - "displayName": "Update App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/write", + "description": "Get networking configuration of an App Service Environment", + "displayName": "Get Networking Configuration", + "name": "Microsoft.Web/hostingEnvironments/configurations/networking/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete App Service Network Configuration.", - "displayName": "Delete App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/delete", + "description": "Get Static Site User Provided Function Apps", + "displayName": "Get Static Site User Provided Function Apps", + "name": "Microsoft.Web/staticSites/userProvidedFunctionApps/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing methods are allowed for a Web App", - "displayName": "List Web App Publishing Credentials Policies", - "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", + "description": "Get Static Site Build User Provided Function Apps", + "displayName": "Get Static Site Build User Provided Function Apps", + "name": "Microsoft.Web/staticSites/builds/userProvidedFunctionApps/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing methods are allowed for a Web App", - "displayName": "List Web App Publishing Credentials Policies", - "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Write", + "description": "Get Web App Slots Config Snapshots.", + "displayName": "Get Web App Slots Config Snapshots", + "name": "microsoft.web/sites/slots/config/snapshots/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing credentials are allowed for a Web App Slot", - "displayName": "List Web App Slot Publishing Credentials Policies", - "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", + "description": "Gets the available metrics for App Service Environment", + "displayName": "Read App Service Environment metric definitions", + "name": "Microsoft.Web/hostingEnvironments/providers/Microsoft.Insights/metricDefinitions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing credentials are allowed for a Web App Slot", - "displayName": "List Web App Slot Publishing Credentials Policies", - "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Write", + "description": "List the functions for a Static Site Build", + "displayName": "List Static Site Build Functions", + "name": "Microsoft.Web/staticSites/builds/functions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Approve or Reject a private endpoint connection.", - "displayName": "Approve or Reject Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Write", + "description": "Get the properties for a Worker App", + "displayName": "Get Worker App", + "name": "Microsoft.Web/workerApps/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Read", + "description": "Get the results of a Worker App operation", + "displayName": "Get Worker App Operation", + "name": "Microsoft.Web/workerApps/operationResults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete a Private Endpoint Connection.", - "displayName": "Delete Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Delete", + "description": "Get App Service Slots Network Configuration.", + "displayName": "Get App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources.", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/sites/privateLinkResources/Read", + "description": "Gets the available metrics for API Connections", + "displayName": "Read API Connections metric definitions", + "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slots Config Snapshots.", - "displayName": "Get Web App Slots Config Snapshots", - "name": "microsoft.web/sites/slots/config/snapshots/read", + "description": "Get the properties for a Container App", + "displayName": "Get container App", + "name": "Microsoft.Web/containerApps/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Web Apps List Slot Secrets From Snapshot.", - "displayName": "Web Apps List Slot Secrets From Snapshot", - "name": "microsoft.web/sites/slots/config/snapshots/listsecrets/action", + "description": "Get the results of a Container App operation", + "displayName": "Get Container App Operation", + "name": "Microsoft.Web/containerApps/operationResults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Slots Network Configuration.", - "displayName": "Get App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/read", + "description": "Get a Container App Revision", + "displayName": "Get Container App Revision", + "name": "Microsoft.Web/containerApps/revisions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Update App Service Slots Network Configuration.", - "displayName": "Update App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/write", + "description": "Get a Container App Source Control", + "displayName": "Get Container App Source Control", + "name": "Microsoft.Web/containerApps/sourcecontrols/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete App Service Slots Network Configuration.", - "displayName": "Delete App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/delete", + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", - "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", + "description": "Get info about custom hostnames under subscription.", + "displayName": "Get custom hostnames under subscription", + "name": "Microsoft.Web/customhostnameSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Run Web Apps Hostruntime Workflow Trigger.", - "displayName": "Run Web Apps Hostruntime Workflow Trigger", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", + "description": "Get the list of recommendations for App Service Plan.", + "displayName": "Get recommendations for App Service Plan", + "name": "Microsoft.Web/serverfarms/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "description": "Get the properties of a Deleted Web App at location", + "displayName": "Get Deleted Web App at location", + "name": "Microsoft.Web/locations/deletedSites/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1145502,6 +1147524,69 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Get Static Site Linked Backends", + "displayName": "Get Static Site Linked Backends", + "name": "Microsoft.Web/staticSites/linkedBackends/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Static Site Build Linked Backends", + "displayName": "Get Static Site Build Linked Backends", + "name": "Microsoft.Web/staticSites/builds/linkedBackends/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Certificates Operation Results.", + "displayName": "Get Certificates Operation Results", + "name": "microsoft.web/certificates/operationresults/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Function App Stacks.", + "displayName": "Get Function App Stacks", + "name": "microsoft.web/functionappstacks/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Function App Stacks for location.", + "displayName": "Get Function App Stacks for location", + "name": "microsoft.web/locations/functionappstacks/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Hosting Environment Configurations.", + "displayName": "Get Hosting Environment Configurations", + "name": "microsoft.web/hostingenvironments/configurations/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get first party Azure Key vault referenced settings for App Service Plan.", + "displayName": "Get App Service Plan Key Vault first party settings", + "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App Stacks.", + "displayName": "Get Web App Stacks", + "name": "microsoft.web/webappstacks/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web App Stacks for location.", + "displayName": "Get Web App Stacks for location", + "name": "microsoft.web/locations/webappstacks/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web App settings.", "displayName": "Get Web App settings", @@ -1145531,917 +1147616,1185 @@ "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Slot's Single App setting", - "displayName": "Create or Update Web App Slot's Single App setting", - "name": "microsoft.web/sites/slots/config/appsettings/write", + "description": "Get Web App Single App setting.", + "displayName": "Get Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Single App setting.", - "displayName": "Get Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/read", + "description": "Get Web App single connectionstring", + "displayName": "Get Web App single connection string", + "name": "microsoft.web/sites/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Single App setting", - "displayName": "Create or Update Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/write", + "description": "Get Web App Slot's single connection string", + "displayName": "Get Web App Slot's single connection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web Apps App Setting", - "displayName": "Delete Web Apps App Setting", - "name": "microsoft.web/sites/config/web/appsettings/delete", + "description": "List the workflows in a Logic App.", + "displayName": "List the workflows in a Logic App", + "name": "microsoft.web/sites/workflows/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App Slot's App Setting", - "displayName": "Delete Web App Slot's App Setting", - "name": "microsoft.web/sites/slots/config/web/appsettings/delete", + "description": "List the workflows in a deployment slot in a Logic App.", + "displayName": "List the workflows in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/workflows/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App single connectionstring", - "displayName": "Get Web App single connection string", - "name": "microsoft.web/sites/config/web/connectionstrings/read", + "description": "Get logic app's configuration information by its ID in a Logic App.", + "displayName": "Get logic app's configuration information by its ID in a Logic App", + "name": "microsoft.web/sites/workflowsconfiguration/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App single App setting.", - "displayName": "Create or Update Web App single sonnection string", - "name": "microsoft.web/sites/config/web/connectionstrings/write", + "description": "Get logic app's configuration information by its ID in a deployment slot in a Logic App.", + "displayName": "Get logic app's configuration information by its ID in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/workflowsconfiguration/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Static Site Database Connection", + "displayName": "Get Static Site Database Connections", + "name": "Microsoft.Web/staticSites/databaseConnections/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Static Site Build Database Connections", + "displayName": "Get Static Site Build Database Connections", + "name": "Microsoft.Web/staticSites/builds/databaseConnections/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists free trial static web apps.", + "displayName": "List free trial static web apps", + "name": "Microsoft.Web/freeTrialStaticWebApps/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of certificates.", + "displayName": "Get Certificates", + "name": "Microsoft.Web/certificates/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Add a new certificate or update an existing one.", + "displayName": "Add or Update Certificate", + "name": "Microsoft.Web/certificates/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete an existing certificate.", + "displayName": "Delete Certificate", + "name": "Microsoft.Web/certificates/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Certificates Operation Results.", + "displayName": "Get Certificates Operation Results", + "name": "microsoft.web/certificates/operationresults/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of Connection Gateways.", + "displayName": "Get Connection Gateways", + "name": "Microsoft.Web/connectionGateways/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates a Connection Gateway.", + "displayName": "Add or Update Connection Gateways", + "name": "Microsoft.Web/connectionGateways/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Deletes a Connection Gateway.", + "displayName": "Delete Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Moves a Connection Gateway.", + "displayName": "Move Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Move/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins a Connection Gateway.", + "displayName": "Join Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Associates with a Connection Gateway.", + "displayName": "Associate with Connection Gateway", + "name": "Microsoft.Web/connectionGateways/Associate/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists status of a Connection Gateway.", + "displayName": "List Connection Gateway Status", + "name": "Microsoft.Web/connectionGateways/ListStatus/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of Connections.", + "displayName": "Get Connections", + "name": "Microsoft.Web/connections/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates a Connection.", + "displayName": "Add or Update Connection", + "name": "Microsoft.Web/connections/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Deletes a Connection.", + "displayName": "Delete Connection", + "name": "Microsoft.Web/connections/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Moves a Connection.", + "displayName": "Move Connection", + "name": "Microsoft.Web/connections/Move/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins a Connection.", + "displayName": "Join Connection", + "name": "Microsoft.Web/connections/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Confirm Connections Consent Code.", + "displayName": "Confirm Connections Consent Code", + "name": "microsoft.web/connections/confirmconsentcode/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Consent Links for Connections.", + "displayName": "List Consent Links for Connections", + "name": "microsoft.web/connections/listconsentlinks/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists API Connections Keys.", + "displayName": "List API Connections Keys", + "name": "microsoft.web/connections/listConnectionKeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Revokes API Connections Keys.", + "displayName": "Revokes API Connections Keys", + "name": "microsoft.web/connections/revokeConnectionKeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Dynamic Invoke a Connection.", + "displayName": "Dynamic Invoke Connection.", + "name": "microsoft.web/connections/dynamicInvoke/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Gets the available metrics for API Connections", + "displayName": "Read API Connections metric definitions", + "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the list of Custom API.", + "displayName": "Get Custom API", + "name": "Microsoft.Web/customApis/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Creates or updates a Custom API.", + "displayName": "Add or Update Custom API", + "name": "Microsoft.Web/customApis/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Deletes a Custom API.", + "displayName": "Delete Custom API", + "name": "Microsoft.Web/customApis/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Moves a Custom API.", + "displayName": "Move Custom API", + "name": "Microsoft.Web/customApis/Move/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins a Custom API.", + "displayName": "Join Custom API", + "name": "Microsoft.Web/customApis/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Extracts API definition from a WSDL.", + "displayName": "Extract API definition from WSDL", + "name": "Microsoft.Web/customApis/extractApiDefinitionFromWsdl/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Lists WSDL interfaces for a Custom API.", + "displayName": "List Custom API WSDL interfaces", + "name": "Microsoft.Web/customApis/listWsdlInterfaces/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get the properties on an App Service Plan", + "displayName": "Get App Service Plan", + "name": "Microsoft.Web/serverfarms/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create a new App Service Plan or update an existing one", + "displayName": "Create or Update App Service Plan", + "name": "Microsoft.Web/serverfarms/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete an existing App Service Plan", + "displayName": "Delete App Service Plan", + "name": "Microsoft.Web/serverfarms/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Joins an App Service Plan", + "displayName": "Join App Service Plan", + "name": "Microsoft.Web/serverfarms/Join/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart all Web Apps in an App Service Plan", + "displayName": "Restart Web Apps", + "name": "Microsoft.Web/serverfarms/restartSites/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get App Service Plans Capabilities.", + "displayName": "Get App Service Plans Capabilities", + "name": "microsoft.web/serverfarms/capabilities/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete App Service Plans First Party Apps Settings.", + "displayName": "Delete App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get App Service Plans First Party Apps Settings.", + "displayName": "Get App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update App Service Plans First Party Apps Settings.", + "displayName": "Update App Service Plans First Party Apps Settings", + "name": "microsoft.web/serverfarms/firstpartyapps/settings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/sites/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get App Service Plans Hybrid Connection Plan Limits.", + "displayName": "Get App Service Plans Hybrid Connection Plan Limits", + "name": "microsoft.web/serverfarms/hybridconnectionplanlimits/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get App Service Plans Hybrid Connection Relays.", + "displayName": "Get App Service Plans Hybrid Connection Relays", + "name": "microsoft.web/serverfarms/hybridconnectionrelays/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App single connection string", - "displayName": "Delete Web App single connection string", - "name": "microsoft.web/sites/config/web/connectionstrings/delete", + "description": "Get App Service Plans Metric Definitions.", + "displayName": "Get App Service Plans Metric Definitions", + "name": "microsoft.web/serverfarms/metricdefinitions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's single connection string", - "displayName": "Get Web App Slot's single connection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", + "description": "Get App Service Plans Metrics.", + "displayName": "Get App Service Plans Metrics", + "name": "microsoft.web/serverfarms/metrics/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create or Update Web App Slot's single sonnection string", - "displayName": "Create or Update Web App Slot's single sonnection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/write", + "description": "Get App Service Plans Operation Results.", + "displayName": "Get App Service Plans Operation Results", + "name": "microsoft.web/serverfarms/operationresults/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Delete Web App slot's single connection string", - "displayName": "Delete Web App slot's single connection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/delete", + "description": "Get App Service Plans Web Apps.", + "displayName": "Get App Service Plans Web Apps", + "name": "microsoft.web/serverfarms/sites/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the workflows in a Logic App.", - "displayName": "List the workflows in a Logic App", - "name": "microsoft.web/sites/workflows/read", + "description": "Get App Service Plans SKUs.", + "displayName": "Get App Service Plans SKUs", + "name": "microsoft.web/serverfarms/skus/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the workflows in a deployment slot in a Logic App.", - "displayName": "List the workflows in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/workflows/read", + "description": "Get App Service Plans Usages.", + "displayName": "Get App Service Plans Usages", + "name": "microsoft.web/serverfarms/usages/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get logic app's configuration information by its ID in a Logic App.", - "displayName": "Get logic app's configuration information by its ID in a Logic App", - "name": "microsoft.web/sites/workflowsconfiguration/read", + "description": "Update App Service Plans Virtual Network Connections Gateways.", + "displayName": "Update App Service Plans Virtual Network Connections Gateways", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/gateways/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get logic app's configuration information by its ID in a deployment slot in a Logic App.", - "displayName": "Get logic app's configuration information by its ID in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/workflowsconfiguration/read", + "description": "Get App Service Plans Virtual Network Connections.", + "displayName": "Get App Service Plans Virtual Network Connections", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Support/*", - "Microsoft.Web/*/read", - "Microsoft.Web/certificates/*", - "Microsoft.Web/connectionGateways/*", - "Microsoft.Web/connections/*", - "Microsoft.Web/customApis/*", - "Microsoft.Web/serverFarms/*", - "Microsoft.Web/sites/*" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.", - "hasExternal": false, - "hasUnknown": false, - "name": "Logic Apps Standard Operator (Preview)", - "permittedActions": [ - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" }, { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete App Service Plans Virtual Network Connections Routes.", + "displayName": "Delete App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get App Service Plans Virtual Network Connections Routes.", + "displayName": "Get App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Update App Service Plans Virtual Network Connections Routes.", + "displayName": "Update App Service Plans Virtual Network Connections Routes", + "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Reboot App Service Plans Workers.", + "displayName": "Reboot App Service Plans Workers", + "name": "microsoft.web/serverfarms/workers/reboot/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", + "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete App Service Plans Hybrid Connection Namespaces Relays.", + "displayName": "Delete App Service Plans Hybrid Connection Namespaces Relays", + "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Gets the diagnostic setting for the resource", + "displayName": "Read diagnostic setting", + "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Creates or updates the diagnostic setting for the resource", + "displayName": "Write diagnostic setting", + "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Gets the available metrics for App Service Plan", + "displayName": "Read App Service Plan metric definitions", + "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete Event Grid Filter on server farm.", + "displayName": "Delete Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get Event Grid Filter on server farm.", + "displayName": "Get Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Put Event Grid Filter on server farm.", + "displayName": "Put Event Grid Filter on server farm", + "name": "Microsoft.Web/serverfarms/eventGridFilters/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get the list of recommendations for App Service Plan.", + "displayName": "Get recommendations for App Service Plan", + "name": "Microsoft.Web/serverfarms/recommendations/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get first party Azure Key vault referenced settings for App Service Plan.", + "displayName": "Get App Service Plan Key Vault first party settings", + "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Create or Update first party Azure Key vault referenced settings for App Service Plan.", + "displayName": "Create or Update App Service Plan Key Vault first party settings", + "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get the properties of a Web App", + "displayName": "Get Web App", + "name": "Microsoft.Web/sites/Read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Create a new Web App or update an existing one", + "displayName": "Create or Update Web App", + "name": "Microsoft.Web/sites/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete an existing Web App", + "displayName": "Delete Web App", + "name": "Microsoft.Web/sites/Delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Create a new web app backup", + "displayName": "Create Web App Backup", + "name": "Microsoft.Web/sites/backup/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get publishing profile xml for a Web App", + "displayName": "Get Web App Publishing Profile", + "name": "Microsoft.Web/sites/publishxml/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Publish a Web App", + "displayName": "Publish Web App", + "name": "Microsoft.Web/sites/publish/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Restart a Web App", + "displayName": "Restart Web App", + "name": "Microsoft.Web/sites/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Start a Web App", + "displayName": "Start Web App", + "name": "Microsoft.Web/sites/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Start Dev Session for a Web App", + "displayName": "Start Dev Session for a Web App", + "name": "Microsoft.Web/sites/startDevSession/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Stop a Web App", + "displayName": "Stop Web App", + "name": "Microsoft.Web/sites/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Get differences in configuration between web app and slots", + "displayName": "Get Web App Slots Differences", + "name": "Microsoft.Web/sites/slotsdiffs/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Apply web app slot configuration from target slot to the current web app", + "displayName": "Apply Web App Configuration", + "name": "Microsoft.Web/sites/applySlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Reset web app configuration", + "displayName": "Reset Web App Configuration", + "name": "Microsoft.Web/sites/resetSlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Approve Private Endpoint Connections", + "displayName": "Approve Private Endpoint Connections", + "name": "Microsoft.Web/sites/PrivateEndpointConnectionsApproval/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Create the artifacts in a Logic App.", + "displayName": "Create the artifacts in a Logic App", + "name": "microsoft.web/sites/deployWorkflowArtifacts/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "List logic app's connections by its ID in a Logic App.", + "displayName": "List logic app's connections by its ID in a Logic App", + "name": "microsoft.web/sites/listworkflowsconnections/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Functions Web Apps.", + "displayName": "Functions Web Apps", + "name": "microsoft.web/sites/functions/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List Sync Function Trigger Status.", + "displayName": "List Web Apps Sync Function Trigger Status", + "name": "microsoft.web/sites/listsyncfunctiontriggerstatus/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Network Trace Web Apps.", + "displayName": "Network Trace Web Apps", + "name": "microsoft.web/sites/networktrace/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Newpassword Web Apps.", + "displayName": "Newpassword Web Apps", + "name": "microsoft.web/sites/newpassword/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Registers Support Resource Provider", - "displayName": "Registers Support Resource Provider", - "name": "Microsoft.Support/register/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Sync Web Apps.", + "displayName": "Sync Web Apps", + "name": "microsoft.web/sites/sync/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Looks up resource Id for resource type", - "displayName": "Look Up Resource Id", - "name": "Microsoft.Support/lookUpResourceId/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Migrate MySql Web Apps.", + "displayName": "Migrate MySql Web Apps", + "name": "microsoft.web/sites/migratemysql/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Checks that name is valid and not in use for resource type", - "displayName": "Check Name Availability", - "name": "Microsoft.Support/checkNameAvailability/action", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Recover Web Apps.", + "displayName": "Recover Web Apps", + "name": "microsoft.web/sites/recover/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Lists one or all support tickets", - "displayName": "Reads Support Ticket", - "name": "Microsoft.Support/supportTickets/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Restore Web Apps Snapshots.", + "displayName": "Restore Web Apps Snapshots", + "name": "microsoft.web/sites/restoresnapshot/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Allows creating and updating a support ticket", - "displayName": "Writes Support Ticket", - "name": "Microsoft.Support/supportTickets/write", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Restore Web Apps From Deleted App.", + "displayName": "Restore Web Apps From Deleted App", + "name": "microsoft.web/sites/restorefromdeletedapp/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Lists one or all Azure services available for support", - "displayName": "Reads Services", - "name": "Microsoft.Support/services/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Sync Function Triggers.", + "displayName": "Sync Web Apps Function Triggers", + "name": "microsoft.web/sites/syncfunctiontriggers/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Lists one or all problem classifications for an Azure service", - "displayName": "Reads Problem Classifications", - "name": "Microsoft.Support/services/problemClassifications/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Discovers an existing app backup that can be restored from a blob in Azure storage.", + "displayName": "Discovers an existing app backup", + "name": "microsoft.web/sites/backups/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the result of the asynchronous operation", - "displayName": "Get Operation Result", - "name": "Microsoft.Support/operationresults/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Get Zipped Container Logs for Web App.", + "displayName": "Get Zipped Container Logs for Web App", + "name": "microsoft.web/sites/containerlogs/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Gets the status of the asynchronous operation", - "displayName": "Get Operation Status", - "name": "Microsoft.Support/operationsstatus/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "Restore Web App From Backup Blob.", + "displayName": "Restore Web App From Backup Blob", + "name": "microsoft.web/sites/restorefrombackupblob/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Lists all operations available on Microsoft.Support resource provider", - "displayName": "Lists operations", - "name": "Microsoft.Support/operations/read", - "providerDisplayName": "Microsoft Support", - "providerName": "Microsoft.Support" + "description": "List Web App backups.", + "displayName": "List Web App backups", + "name": "microsoft.web/sites/listbackups/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" }, { - "description": "Get the properties of a Web App", - "displayName": "Get Web App", - "name": "Microsoft.Web/sites/Read", + "description": "Copy content from deployment slot.", + "displayName": "Copy content from deployment slot", + "name": "microsoft.web/sites/slotcopy/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Web App deployment slot", - "displayName": "Get Web App Deployment Slot", - "name": "Microsoft.Web/sites/slots/Read", + "description": "Create a new Web App Slot or update an existing one", + "displayName": "Create or Update Web App Slot", + "name": "Microsoft.Web/sites/slots/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's configuration settings", - "displayName": "Get Web App Slot Configuration", - "name": "Microsoft.Web/sites/slots/config/Read", + "description": "Delete an existing Web App Slot", + "displayName": "Delete Web App Slot", + "name": "Microsoft.Web/sites/slots/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App configuration settings", - "displayName": "Get Web App Configuration", - "name": "Microsoft.Web/sites/config/Read", + "description": "Create new Web App Slot backup.", + "displayName": "Create Web App Slot Backup", + "name": "Microsoft.Web/sites/slots/backup/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App's source control configuration settings", - "displayName": "Get Web App Source Control Configuration", - "name": "Microsoft.Web/sites/sourcecontrols/Read", + "description": "Get publishing profile xml for Web App Slot", + "displayName": "Get Web App Slot Publishing Profile", + "name": "Microsoft.Web/sites/slots/publishxml/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slot's source control configuration settings", - "displayName": "Get Web App Slot Source Control Configuration", - "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", + "description": "Publish a Web App Slot", + "displayName": "Publish Web App Slot", + "name": "Microsoft.Web/sites/slots/publish/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a web app's backup", - "displayName": "Get Web App Backup", - "name": "Microsoft.Web/sites/backups/Read", + "description": "Restart a Web App Slot", + "displayName": "Restart Web App Slot", + "name": "Microsoft.Web/sites/slots/restart/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a web app slots' backup", - "displayName": "List Web App Slot Backups", - "name": "Microsoft.Web/sites/slots/backups/Read", + "description": "Start a Web App Slot", + "displayName": "Start Web App Slot", + "name": "Microsoft.Web/sites/slots/start/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties on an App Service Plan", - "displayName": "Get App Service Plan", - "name": "Microsoft.Web/serverfarms/Read", + "description": "Start Dev Session for Web App Slot", + "displayName": "Start Dev Session for Web App Slot", + "name": "Microsoft.Web/sites/slots/startDevSession/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of certificates.", - "displayName": "Get Certificates", - "name": "Microsoft.Web/certificates/Read", + "description": "Stop a Web App Slot", + "displayName": "Stop Web App Slot", + "name": "Microsoft.Web/sites/slots/stop/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of Geo regions.", - "displayName": "Get Geo Regions", - "name": "Microsoft.Web/geoRegions/Read", + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slots/slotsswap/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get names of sites assigned to hostname.", - "displayName": "Get sites assigned to hostname", - "name": "Microsoft.Web/listSitesAssignedToHostName/Read", + "description": "Get differences in configuration between web app and slots", + "displayName": "Get Web App Slots Differences", + "name": "Microsoft.Web/sites/slots/slotsdiffs/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of an App Service Environment", - "displayName": "Get App Service Environment", - "name": "Microsoft.Web/hostingEnvironments/Read", + "description": "Apply web app slot configuration from target slot to the current slot.", + "displayName": "Apply Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/applySlotConfig/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a FrontEnd Pool in an App Service Environment", - "displayName": "Get FrontEnd Pool", - "name": "Microsoft.Web/hostingEnvironments/multiRolePools/Read", + "description": "Reset web app slot configuration", + "displayName": "Reset Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/resetSlotConfig/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Worker Pool in an App Service Environment", - "displayName": "Get Worker Pool", - "name": "Microsoft.Web/hostingEnvironments/workerPools/Read", + "description": "Get the properties of a Web App deployment slot", + "displayName": "Get Web App Deployment Slot", + "name": "Microsoft.Web/sites/slots/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of Connections.", - "displayName": "Get Connections", - "name": "Microsoft.Web/connections/Read", + "description": "Create the artifacts in a deployment slot in a Logic App.", + "displayName": "Create the artifacts in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/deployWorkflowArtifacts/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of Custom API.", - "displayName": "Get Custom API", - "name": "Microsoft.Web/customApis/Read", + "description": "List logic app's connections by its ID in a deployment slot in a Logic App.", + "displayName": "List logic app's connections by its ID in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/listworkflowsconnections/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of Connection Gateways.", - "displayName": "Get Connection Gateways", - "name": "Microsoft.Web/connectionGateways/Read", + "description": "List Sync Function Trigger Status for deployment slot.", + "displayName": "List Web Apps Sync Function Trigger Status for deployment slot", + "name": "microsoft.web/sites/slots/listsyncfunctiontriggerstatus/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of recommendations for subscriptions.", - "displayName": "Get recommendations", - "name": "Microsoft.Web/recommendations/Read", + "description": "Newpassword Web Apps Slots.", + "displayName": "Newpassword Web Apps Slots", + "name": "microsoft.web/sites/slots/newpassword/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of recommendations for web app.", - "displayName": "Get recommendations for web app", - "name": "Microsoft.Web/sites/recommendations/Read", + "description": "Sync Web Apps Slots.", + "displayName": "Sync Web Apps Slots", + "name": "microsoft.web/sites/slots/sync/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Available Stacks.", - "displayName": "Get Available Stacks", - "name": "microsoft.web/availablestacks/read", + "description": "Sync Function Triggers for deployment slot.", + "displayName": "Sync Web Apps Function Triggers for deployment slot", + "name": "microsoft.web/sites/slots/syncfunctiontriggers/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Check if resource name is available.", - "displayName": "Get Check Name Availability", - "name": "microsoft.web/checknameavailability/read", + "description": "Network Trace Web Apps Slots.", + "displayName": "Network Trace Web Apps Slots", + "name": "microsoft.web/sites/slots/networktrace/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Classic Mobile Services.", - "displayName": "Get Classic Mobile Services", - "name": "microsoft.web/classicmobileservices/read", + "description": "Recover Web Apps Slots.", + "displayName": "Recover Web Apps Slots", + "name": "microsoft.web/sites/slots/recover/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Deployment Locations.", - "displayName": "Get Deployment Locations", - "name": "microsoft.web/deploymentlocations/read", + "description": "Restore Web Apps Slots Snapshots.", + "displayName": "Restore Web Apps Slots Snapshots", + "name": "microsoft.web/sites/slots/restoresnapshot/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Capacities.", - "displayName": "Get Hosting Environments Capacities", - "name": "microsoft.web/hostingenvironments/capacities/read", + "description": "Restore Web App Slots From Deleted App.", + "displayName": "Restore Web App Slots From Deleted App", + "name": "microsoft.web/sites/slots/restorefromdeletedapp/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Diagnostics.", - "displayName": "Get Hosting Environments Diagnostics", - "name": "microsoft.web/hostingenvironments/diagnostics/read", + "description": "Discover Web Apps Slots Backups.", + "displayName": "Discover Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Metric Definitions.", - "displayName": "Get Hosting Environments Metric Definitions", - "name": "microsoft.web/hostingenvironments/metricdefinitions/read", + "description": "Get Zipped Container Logs for Web App Slot.", + "displayName": "Get Zipped Container Logs for Web App Slot", + "name": "microsoft.web/sites/slots/containerlogs/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments MultiRole Pools Metric Definitions.", - "displayName": "Get Hosting Environments MultiRole Pools Metric Definitions", - "name": "microsoft.web/hostingenvironments/multirolepools/metricdefinitions/read", + "description": "Restore Web Apps Slot From Backup Blob.", + "displayName": "Restore Web Apps Slot From Backup Blob", + "name": "microsoft.web/sites/slots/restorefrombackupblob/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments MultiRole Pools Metrics.", - "displayName": "Get Hosting Environments MultiRole Pools Metrics", - "name": "microsoft.web/hostingenvironments/multirolepools/metrics/read", + "description": "List Web App Slot backups.", + "displayName": "List Web App Slot backups", + "name": "microsoft.web/sites/slots/listbackups/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments MultiRole Pools SKUs.", - "displayName": "Get Hosting Environments MultiRole Pools SKUs", - "name": "microsoft.web/hostingenvironments/multirolepools/skus/read", + "description": "Copy content from one deployment slot to another.", + "displayName": "Copy content from one deployment slot to another", + "name": "microsoft.web/sites/slots/slotcopy/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments MultiRole Pools Usages.", - "displayName": "Get Hosting Environments MultiRole Pools Usages", - "name": "microsoft.web/hostingenvironments/multirolepools/usages/read", + "description": "Get Web App Slot's configuration settings", + "displayName": "Get Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/config/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Operations.", - "displayName": "Get Hosting Environments Operations", - "name": "microsoft.web/hostingenvironments/operations/read", + "description": "List Web App Slot's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Slot Security Sensitive Settings", + "name": "Microsoft.Web/sites/slots/config/list/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments App Service Plans.", - "displayName": "Get Hosting Environments App Service Plans", - "name": "microsoft.web/hostingenvironments/serverfarms/read", + "description": "Update Web App Slot's configuration settings", + "displayName": "Update Web App Slot Configuration", + "name": "Microsoft.Web/sites/slots/config/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Web Apps.", - "displayName": "Get Hosting Environments Web Apps", - "name": "microsoft.web/hostingenvironments/sites/read", + "description": "Delete Web Apps Slots Config.", + "displayName": "Delete Web Apps Slots Config", + "name": "microsoft.web/sites/slots/config/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Usages.", - "displayName": "Get Hosting Environments Usages", - "name": "microsoft.web/hostingenvironments/usages/read", + "description": "Validate upgrade path for Web App.", + "displayName": "Validate upgrade path for Web App", + "name": "microsoft.web/sites/slots/config/validateupgradepath/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Workerpools Metric Definitions.", - "displayName": "Get Hosting Environments Workerpools Metric Definitions", - "name": "microsoft.web/hostingenvironments/workerpools/metricdefinitions/read", + "description": "Get Web App configuration settings", + "displayName": "Get Web App Configuration", + "name": "Microsoft.Web/sites/config/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Workerpools Metrics.", - "displayName": "Get Hosting Environments Workerpools Metrics", - "name": "microsoft.web/hostingenvironments/workerpools/metrics/read", + "description": "List Web App's security sensitive settings, such as publishing credentials, app settings and connection strings", + "displayName": "List Web App Security Sensitive Settings", + "name": "Microsoft.Web/sites/config/list/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Workerpools SKUs.", - "displayName": "Get Hosting Environments Workerpools SKUs", - "name": "microsoft.web/hostingenvironments/workerpools/skus/read", + "description": "Update Web App's configuration settings", + "displayName": "Update Web App Configuration", + "name": "Microsoft.Web/sites/config/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Hosting Environments Workerpools Usages.", - "displayName": "Get Hosting Environments Workerpools Usages", - "name": "microsoft.web/hostingenvironments/workerpools/usages/read", + "description": "Delete Web Apps Config.", + "displayName": "Delete Web Apps Config", + "name": "microsoft.web/sites/config/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get if Hosting Environment Name is available.", - "displayName": "Check if Hosting Environment Name is available", - "name": "microsoft.web/ishostingenvironmentnameavailable/read", + "description": "Get Web App's source control configuration settings", + "displayName": "Get Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Check if Hostname is Available.", - "displayName": "Check if Hostname is Available", - "name": "microsoft.web/ishostnameavailable/read", + "description": "Update Web App's source control configuration settings", + "displayName": "Update Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Check if Username is available.", - "displayName": "Check if Username is available", - "name": "microsoft.web/isusernameavailable/read", + "description": "Delete Web App's source control configuration settings", + "displayName": "Delete Web App Source Control Configuration", + "name": "Microsoft.Web/sites/sourcecontrols/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations API Operations.", - "displayName": "Get Locations API Operations", - "name": "microsoft.web/locations/apioperations/read", + "description": "Get Web App Slot's source control configuration settings", + "displayName": "Get Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations Connection Gateway Installations.", - "displayName": "Get Locations Connection Gateway Installations", - "name": "microsoft.web/locations/connectiongatewayinstallations/read", + "description": "Update Web App Slot's source control configuration settings", + "displayName": "Update Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations Managed APIs.", - "displayName": "Get Locations Managed APIs", - "name": "microsoft.web/locations/managedapis/read", + "description": "Delete Web App Slot's source control configuration settings", + "displayName": "Delete Web App Slot Source Control Configuration", + "name": "Microsoft.Web/sites/slots/sourcecontrols/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Locations Managed API Operations.", - "displayName": "Get Locations Managed API Operations", - "name": "microsoft.web/locations/managedapis/apioperations/read", + "description": "Get the properties of a web app's backup", + "displayName": "Get Web App Backup", + "name": "Microsoft.Web/sites/backups/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Operations.", - "displayName": "Get Operations", - "name": "microsoft.web/operations/read", + "description": "List Web Apps Backups.", + "displayName": "List Web Apps Backups", + "name": "microsoft.web/sites/backups/list/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Publishing Users.", - "displayName": "Get Publishing Users", - "name": "microsoft.web/publishingusers/read", + "description": "Restore Web Apps Backups.", + "displayName": "Restore Web Apps Backups", + "name": "microsoft.web/sites/backups/restore/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Capabilities.", - "displayName": "Get App Service Plans Capabilities", - "name": "microsoft.web/serverfarms/capabilities/read", + "description": "Delete Web Apps Backups.", + "displayName": "Delete Web Apps Backups", + "name": "microsoft.web/sites/backups/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans First Party Apps Settings.", - "displayName": "Get App Service Plans First Party Apps Settings", - "name": "microsoft.web/serverfarms/firstpartyapps/settings/read", + "description": "Update Web Apps Backups.", + "displayName": "Update Web Apps Backups", + "name": "microsoft.web/sites/backups/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays Web Apps", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/sites/read", + "description": "Get the properties of a web app slots' backup", + "displayName": "List Web App Slot Backups", + "name": "Microsoft.Web/sites/slots/backups/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Plan Limits.", - "displayName": "Get App Service Plans Hybrid Connection Plan Limits", - "name": "microsoft.web/serverfarms/hybridconnectionplanlimits/read", + "description": "List Web Apps Slots Backups.", + "displayName": "List Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/list/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Relays.", - "displayName": "Get App Service Plans Hybrid Connection Relays", - "name": "microsoft.web/serverfarms/hybridconnectionrelays/read", + "description": "Restore Web Apps Slots Backups.", + "displayName": "Restore Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/restore/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Metric Definitions.", - "displayName": "Get App Service Plans Metric Definitions", - "name": "microsoft.web/serverfarms/metricdefinitions/read", + "description": "Delete Web Apps Slots Backups.", + "displayName": "Delete Web Apps Slots Backups", + "name": "microsoft.web/sites/slots/backups/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Metrics.", - "displayName": "Get App Service Plans Metrics", - "name": "microsoft.web/serverfarms/metrics/read", + "description": "Get the list of recommendations for web app.", + "displayName": "Get recommendations for web app", + "name": "Microsoft.Web/sites/recommendations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Operation Results.", - "displayName": "Get App Service Plans Operation Results", - "name": "microsoft.web/serverfarms/operationresults/read", + "description": "Disable Web Apps Recommendations.", + "displayName": "Disable Web Apps Recommendations", + "name": "microsoft.web/sites/recommendations/disable/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Web Apps.", - "displayName": "Get App Service Plans Web Apps", - "name": "microsoft.web/serverfarms/sites/read", + "description": "Analyze Custom Hostname.", + "displayName": "Analyze Custom Hostname", + "name": "microsoft.web/sites/analyzecustomhostname/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans SKUs.", - "displayName": "Get App Service Plans SKUs", - "name": "microsoft.web/serverfarms/skus/read", + "description": "Get Web Apps Backup.", + "displayName": "Get Web Apps Backup", + "name": "microsoft.web/sites/backup/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Usages.", - "displayName": "Get App Service Plans Usages", - "name": "microsoft.web/serverfarms/usages/read", + "description": "Update Web Apps Backup.", + "displayName": "Update Web Apps Backup", + "name": "microsoft.web/sites/backup/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Virtual Network Connections.", - "displayName": "Get App Service Plans Virtual Network Connections", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/read", + "description": "Delete Web Apps Continuous Web Jobs.", + "displayName": "Delete Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Virtual Network Connections Routes.", - "displayName": "Get App Service Plans Virtual Network Connections Routes", - "name": "microsoft.web/serverfarms/virtualnetworkconnections/routes/read", + "description": "Get Web Apps Continuous Web Jobs.", + "displayName": "Get Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Analyze Custom Hostname.", - "displayName": "Analyze Custom Hostname", - "name": "microsoft.web/sites/analyzecustomhostname/read", + "description": "Start Web Apps Continuous Web Jobs.", + "displayName": "Start Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/start/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Backup.", - "displayName": "Get Web Apps Backup", - "name": "microsoft.web/sites/backup/read", + "description": "Stop Web Apps Continuous Web Jobs.", + "displayName": "Stop Web Apps Continuous Web Jobs", + "name": "microsoft.web/sites/continuouswebjobs/stop/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Continuous Web Jobs.", - "displayName": "Get Web Apps Continuous Web Jobs", - "name": "microsoft.web/sites/continuouswebjobs/read", + "description": "Delete Web Apps Deployments.", + "displayName": "Delete Web Apps Deployments", + "name": "microsoft.web/sites/deployments/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1146452,6 +1148805,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Deployments.", + "displayName": "Update Web Apps Deployments", + "name": "microsoft.web/sites/deployments/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Deployments Log.", "displayName": "Get Web Apps Deployments Log", @@ -1146543,6 +1148903,41 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Domain Ownership Identifiers.", + "displayName": "Update Web Apps Domain Ownership Identifiers", + "name": "microsoft.web/sites/domainownershipidentifiers/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Domain Ownership Identifiers.", + "displayName": "Delete Web Apps Domain Ownership Identifiers", + "name": "microsoft.web/sites/domainownershipidentifiers/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Functions.", + "displayName": "Delete Web Apps Functions", + "name": "microsoft.web/sites/functions/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Function secrets.", + "displayName": "List Web Apps Functions Secrets", + "name": "microsoft.web/sites/functions/listsecrets/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Function keys.", + "displayName": "List Web Apps Functions Keys", + "name": "microsoft.web/sites/functions/listkeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Functions.", "displayName": "Get Web Apps Functions", @@ -1146550,6 +1148945,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Functions.", + "displayName": "Update Web Apps Functions", + "name": "microsoft.web/sites/functions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Hostname Bindings.", + "displayName": "Delete Web Apps Hostname Bindings", + "name": "microsoft.web/sites/hostnamebindings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hostname Bindings.", "displayName": "Get Web Apps Hostname Bindings", @@ -1146557,6 +1148966,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Hostname Bindings.", + "displayName": "Update Web Apps Hostname Bindings", + "name": "microsoft.web/sites/hostnamebindings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Hybrid Connection.", + "displayName": "Delete Web Apps Hybrid Connection", + "name": "microsoft.web/sites/hybridconnection/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hybrid Connection.", "displayName": "Get Web Apps Hybrid Connection", @@ -1146564,6 +1148987,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Hybrid Connection.", + "displayName": "Update Web Apps Hybrid Connection", + "name": "microsoft.web/sites/hybridconnection/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hybrid Connection Relays.", "displayName": "Get Web Apps Hybrid Connection Relays", @@ -1146578,6 +1149008,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Instances Deployments.", + "displayName": "Delete Web Apps Instances Deployments", + "name": "microsoft.web/sites/instances/deployments/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Instances Processes.", + "displayName": "Delete Web Apps Instances Processes", + "name": "microsoft.web/sites/instances/processes/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances Processes.", "displayName": "Get Web Apps Instances Processes", @@ -1146620,6 +1149064,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Premier Addons.", + "displayName": "Delete Web Apps Premier Addons", + "name": "microsoft.web/sites/premieraddons/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Premier Addons.", "displayName": "Get Web Apps Premier Addons", @@ -1146627,6 +1149078,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Premier Addons.", + "displayName": "Update Web Apps Premier Addons", + "name": "microsoft.web/sites/premieraddons/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Publishing XML.", "displayName": "Get Web Apps Publishing XML", @@ -1146648,6 +1149106,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Restore Web Apps.", + "displayName": "Restore Web Apps", + "name": "microsoft.web/sites/restore/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Analyze Custom Hostname.", "displayName": "Get Web Apps Slots Analyze Custom Hostname", @@ -1146655,6 +1149120,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Backup.", + "displayName": "Update Web Apps Slots Backup", + "name": "microsoft.web/sites/slots/backup/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Backup.", "displayName": "Get Web Apps Slots Backup", @@ -1146662,6 +1149134,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Continuous Web Jobs.", + "displayName": "Delete Web Apps Slots Continuous Web Jobs", + "name": "microsoft.web/sites/slots/continuouswebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Continuous Web Jobs.", "displayName": "Get Web Apps Slots Continuous Web Jobs", @@ -1146669,6 +1149148,27 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Start Web Apps Slots Continuous Web Jobs.", + "displayName": "Start Web Apps Slots Continuous Web Jobs", + "name": "microsoft.web/sites/slots/continuouswebjobs/start/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop Web Apps Slots Continuous Web Jobs.", + "displayName": "Stop Web Apps Slots Continuous Web Jobs", + "name": "microsoft.web/sites/slots/continuouswebjobs/stop/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Deployments.", + "displayName": "Delete Web Apps Slots Deployments", + "name": "microsoft.web/sites/slots/deployments/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Deployments.", "displayName": "Get Web Apps Slots Deployments", @@ -1146676,6 +1149176,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Deployments.", + "displayName": "Update Web Apps Slots Deployments", + "name": "microsoft.web/sites/slots/deployments/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Deployments Log.", "displayName": "Get Web Apps Slots Deployments Log", @@ -1146683,6 +1149190,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Hostname Bindings.", + "displayName": "Delete Web Apps Slots Hostname Bindings", + "name": "microsoft.web/sites/slots/hostnamebindings/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Hostname Bindings.", "displayName": "Get Web Apps Slots Hostname Bindings", @@ -1146690,6 +1149204,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Hostname Bindings.", + "displayName": "Update Web Apps Slots Hostname Bindings", + "name": "microsoft.web/sites/slots/hostnamebindings/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Hybrid Connection.", + "displayName": "Delete Web Apps Slots Hybrid Connection", + "name": "microsoft.web/sites/slots/hybridconnection/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Hybrid Connection.", "displayName": "Get Web Apps Slots Hybrid Connection", @@ -1146697,6 +1149225,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Hybrid Connection.", + "displayName": "Update Web Apps Slots Hybrid Connection", + "name": "microsoft.web/sites/slots/hybridconnection/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Instances Deployments.", "displayName": "Get Web Apps Slots Instances Deployments", @@ -1146711,6 +1149246,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Instances Processes.", + "displayName": "Delete Web Apps Slots Instances Processes", + "name": "microsoft.web/sites/slots/instances/processes/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Instances.", "displayName": "Get Web Apps Slots Instances", @@ -1146746,6 +1149288,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Premier Addons.", + "displayName": "Delete Web Apps Slots Premier Addons", + "name": "microsoft.web/sites/slots/premieraddons/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Premier Addons.", "displayName": "Get Web Apps Slots Premier Addons", @@ -1146753,6 +1149302,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Premier Addons.", + "displayName": "Update Web Apps Slots Premier Addons", + "name": "microsoft.web/sites/slots/premieraddons/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Restore.", "displayName": "Get Web Apps Slots Restore", @@ -1146760,6 +1149316,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Restore Web Apps Slots.", + "displayName": "Restore Web Apps Slots", + "name": "microsoft.web/sites/slots/restore/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Delete Web Apps Slots Triggered WebJobs.", + "displayName": "Delete Web Apps Slots Triggered WebJobs", + "name": "microsoft.web/sites/slots/triggeredwebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Triggered WebJobs.", "displayName": "Get Web Apps Slots Triggered WebJobs", @@ -1146767,6 +1149337,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Slots Triggered WebJobs.", + "displayName": "Run Web Apps Slots Triggered WebJobs", + "name": "microsoft.web/sites/slots/triggeredwebjobs/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Usages.", "displayName": "Get Web Apps Slots Usages", @@ -1146774,6 +1149351,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Virtual Network Connections.", + "displayName": "Delete Web Apps Slots Virtual Network Connections", + "name": "microsoft.web/sites/slots/virtualnetworkconnections/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Virtual Network Connections.", "displayName": "Get Web Apps Slots Virtual Network Connections", @@ -1146781,6 +1149365,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Virtual Network Connections.", + "displayName": "Update Web Apps Slots Virtual Network Connections", + "name": "microsoft.web/sites/slots/virtualnetworkconnections/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Update Web Apps Slots Virtual Network Connections Gateways.", + "displayName": "Update Web Apps Slots Virtual Network Connections Gateways", + "name": "microsoft.web/sites/slots/virtualnetworkconnections/gateways/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots WebJobs.", "displayName": "Get Web Apps Slots WebJobs", @@ -1146795,6 +1149393,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Triggered WebJobs.", + "displayName": "Delete Web Apps Triggered WebJobs", + "name": "microsoft.web/sites/triggeredwebjobs/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Triggered WebJobs.", "displayName": "Get Web Apps Triggered WebJobs", @@ -1146802,6 +1149407,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Triggered WebJobs.", + "displayName": "Run Web Apps Triggered WebJobs", + "name": "microsoft.web/sites/triggeredwebjobs/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Usages.", "displayName": "Get Web Apps Usages", @@ -1146809,6 +1149421,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Virtual Network Connections.", + "displayName": "Delete Web Apps Virtual Network Connections", + "name": "microsoft.web/sites/virtualnetworkconnections/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Virtual Network Connections.", "displayName": "Get Web Apps Virtual Network Connections", @@ -1146816,6 +1149435,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Virtual Network Connections.", + "displayName": "Update Web Apps Virtual Network Connections", + "name": "microsoft.web/sites/virtualnetworkconnections/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Virtual Network Connections Gateways.", "displayName": "Get Web Apps Virtual Network Connections Gateways", @@ -1146823,6 +1149449,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Virtual Network Connections Gateways.", + "displayName": "Update Web Apps Virtual Network Connections Gateways", + "name": "microsoft.web/sites/virtualnetworkconnections/gateways/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps WebJobs.", "displayName": "Get Web Apps WebJobs", @@ -1146831,23 +1149464,23 @@ "providerName": "microsoft.web" }, { - "description": "Get SKUs.", - "displayName": "Get SKUs", - "name": "microsoft.web/skus/read", + "description": "Delete Web Apps Hybrid Connection Namespaces Relays.", + "displayName": "Delete Web Apps Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Source Controls.", - "displayName": "Get Source Controls", - "name": "microsoft.web/sourcecontrols/read", + "description": "List Keys Web Apps Hybrid Connection Namespaces Relays.", + "displayName": "List Keys Web Apps Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/listkeys/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Plans Hybrid Connection Namespaces Relays.", - "displayName": "Get App Service Plans Hybrid Connection Namespaces Relays", - "name": "microsoft.web/serverfarms/hybridconnectionnamespaces/relays/read", + "description": "Update Web Apps Hybrid Connection Namespaces Relays.", + "displayName": "Update Web Apps Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/hybridconnectionnamespaces/relays/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1146873,9 +1149506,9 @@ "providerName": "microsoft.web" }, { - "description": "Get the properties of a Deleted Web App", - "displayName": "Get Deleted Web App", - "name": "Microsoft.Web/deletedSites/Read", + "description": "Delete Web Apps Site Extensions.", + "displayName": "Delete Web Apps Site Extensions", + "name": "microsoft.web/sites/siteextensions/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1146886,6 +1149519,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Site Extensions.", + "displayName": "Update Web Apps Site Extensions", + "name": "microsoft.web/sites/siteextensions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Hybrid Connection Relays.", "displayName": "Get Web Apps Slots Hybrid Connection Relays", @@ -1146893,6 +1149533,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Slots Site Extensions.", + "displayName": "Delete Web Apps Slots Site Extensions", + "name": "microsoft.web/sites/slots/siteextensions/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Site Extensions.", "displayName": "Get Web Apps Slots Site Extensions", @@ -1146900,6 +1149547,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Slots Site Extensions.", + "displayName": "Update Web Apps Slots Site Extensions", + "name": "microsoft.web/sites/slots/siteextensions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Snapshots.", "displayName": "Get Web Apps Slots Snapshots", @@ -1147013,79 +1149667,51 @@ "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Operations.", - "displayName": "Get Web Apps Slots Operations", - "name": "microsoft.web/sites/slots/operations/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Slots Performance Counters.", - "displayName": "Get Web Apps Slots Performance Counters", - "name": "microsoft.web/sites/slots/perfcounters/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Slots Resource Health Metadata.", - "displayName": "Get Web Apps Slots Resource Health Metadata", - "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Api Management Accounts Apiacls.", - "displayName": "Get Api Management Accounts Apiacls", - "name": "microsoft.web/apimanagementaccounts/apiacls/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Api Management Accounts APIs Connections.", - "displayName": "Get Api Management Accounts APIs Connections", - "name": "microsoft.web/apimanagementaccounts/apis/connections/read", + "description": "Update Web App Slots Domain Ownership Identifiers.", + "displayName": "Update Web App Slots Domain Ownership Identifiers", + "name": "microsoft.web/sites/slots/domainownershipidentifiers/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs.", - "displayName": "Get Api Management Accounts APIs", - "name": "microsoft.web/apimanagementaccounts/apis/read", + "description": "Delete Web App Slots Domain Ownership Identifiers.", + "displayName": "Delete Web App Slots Ownership Identifiers", + "name": "microsoft.web/sites/slots/domainownershipidentifiers/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts Connectionacls.", - "displayName": "Get Api Management Accounts Connectionacls", - "name": "microsoft.web/apimanagementaccounts/connectionacls/read", + "description": "Delete Web Apps Slots Hybrid Connection Namespaces Relays.", + "displayName": "Delete Web Apps Slots Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Apiacls.", - "displayName": "Get Api Management Accounts APIs Apiacls", - "name": "microsoft.web/apimanagementaccounts/apis/apiacls/read", + "description": "Update Web Apps Slots Hybrid Connection Namespaces Relays.", + "displayName": "Update Web Apps Slots Hybrid Connection Namespaces Relays", + "name": "microsoft.web/sites/slots/hybridconnectionnamespaces/relays/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Connectionacls.", - "displayName": "Get Api Management Accounts APIs Connectionacls", - "name": "microsoft.web/apimanagementaccounts/apis/connectionacls/read", + "description": "Get Web Apps Slots Operations.", + "displayName": "Get Web Apps Slots Operations", + "name": "microsoft.web/sites/slots/operations/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Connections Connectionacls.", - "displayName": "Get Api Management Accounts APIs Connections Connectionacls", - "name": "microsoft.web/apimanagementaccounts/apis/connections/connectionacls/read", + "description": "Get Web Apps Slots Performance Counters.", + "displayName": "Get Web Apps Slots Performance Counters", + "name": "microsoft.web/sites/slots/perfcounters/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Api Management Accounts APIs Localized Definitions.", - "displayName": "Get Api Management Accounts APIs Localized Definitions", - "name": "microsoft.web/apimanagementaccounts/apis/localizeddefinitions/read", + "description": "Get Web Apps Slots Resource Health Metadata.", + "displayName": "Get Web Apps Slots Resource Health Metadata", + "name": "microsoft.web/sites/slots/resourcehealthmetadata/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1147187,6 +1149813,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Public Certificates.", + "displayName": "Delete Web Apps Public Certificates", + "name": "microsoft.web/sites/publiccertificates/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Public Certificates.", "displayName": "Get Web Apps Public Certificates", @@ -1147194,6 +1149827,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Public Certificates.", + "displayName": "Update Web Apps Public Certificates", + "name": "microsoft.web/sites/publiccertificates/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Diagnostics Autoheal.", "displayName": "Get Web Apps Diagnostics Autoheal", @@ -1147244,30 +1149884,23 @@ "providerName": "microsoft.web" }, { - "description": "Gets the diagnostic setting for the resource", - "displayName": "Read diagnostic setting", - "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Gets the diagnostic setting for the resource", - "displayName": "Read diagnostic setting", - "name": "microsoft.web/serverfarms/providers/Microsoft.Insights/diagnosticSettings/read", + "description": "Creates or updates the diagnostic setting for the resource", + "displayName": "Write diagnostic setting", + "name": "microsoft.web/sites/providers/Microsoft.Insights/diagnosticSettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { "description": "Gets the diagnostic setting for the resource", "displayName": "Read diagnostic setting", - "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/diagnosticSettings/read", + "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get list of billing meters.", - "displayName": "Read billing meters", - "name": "microsoft.web/billingmeters/read", + "description": "Creates or updates the diagnostic setting for the resource", + "displayName": "Write diagnostic setting", + "name": "microsoft.web/sites/slots/providers/Microsoft.Insights/diagnosticSettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1147285,6 +1149918,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Diagnostics Detector.", + "displayName": "Run Web Apps Diagnostics Detector", + "name": "microsoft.web/sites/diagnostics/detectors/execute/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Diagnostics Analysis.", "displayName": "Get Web Apps Diagnostics Analysis", @@ -1147292,6 +1149932,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Diagnostics Analysis.", + "displayName": "Run Web Apps Diagnostics Analysis", + "name": "microsoft.web/sites/diagnostics/analyses/execute/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Diagnostics Analysis.", "displayName": "Get Web Apps Slots Diagnostics Analysis", @@ -1147299,6 +1149946,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Run Web Apps Slots Diagnostics Analysis.", + "displayName": "Run Web Apps Slots Diagnostics Analysis", + "name": "microsoft.web/sites/slots/diagnostics/analyses/execute/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Diagnostics Detector.", "displayName": "Get Web Apps Slots Diagnostics Detector", @@ -1147307,9 +1149961,9 @@ "providerName": "microsoft.web" }, { - "description": "Get Resource Health Metadata.", - "displayName": "Get Resource Health Metadata", - "name": "microsoft.web/resourcehealthmetadata/read", + "description": "Run Web Apps Slots Diagnostics Detector.", + "displayName": "Run Web Apps Slots Diagnostics Detector", + "name": "microsoft.web/sites/slots/diagnostics/detectors/execute/Action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1147321,16 +1149975,16 @@ "providerName": "microsoft.web" }, { - "description": "Get the network endpoints of all inbound dependencies.", - "displayName": "Get the network endpoints of all inbound dependencies", - "name": "microsoft.web/hostingenvironments/inboundnetworkdependenciesendpoints/read", + "description": "Create or Update Web Apps Slots Public Certificates.", + "displayName": "Write Web Apps Slots Public Certificates", + "name": "microsoft.web/sites/slots/publiccertificates/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the network endpoints of all outbound dependencies.", - "displayName": "Get the network endpoints of all outbound dependencies", - "name": "microsoft.web/hostingenvironments/outboundnetworkdependenciesendpoints/read", + "description": "Delete Web Apps Slots Public Certificates.", + "displayName": "Delete Web Apps Slots Public Certificates", + "name": "microsoft.web/sites/slots/publiccertificates/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1147348,13 +1150002,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Get Hosting Environments Detectors.", - "displayName": "Get Hosting Environments Detectors", - "name": "microsoft.web/hostingenvironments/detectors/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Detectors.", "displayName": "Get Web Apps Detectors", @@ -1147362,13 +1150009,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Gets the available metrics for App Service Plan", - "displayName": "Read App Service Plan metric definitions", - "name": "Microsoft.Web/serverfarms/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Gets the available metrics for Web App", "displayName": "Read Web App metric definitions", @@ -1147383,20 +1150023,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Gets the available metrics for App Service Environment MultiRole", - "displayName": "Read App Service Environment MultiRole metric definitions", - "name": "Microsoft.Web/hostingEnvironments/multiRolePools/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Gets the available metrics for App Service Environment WorkerPool", - "displayName": "Read App Service Environment WorkerPool metric definitions", - "name": "Microsoft.Web/hostingEnvironments/workerPools/providers/Microsoft.Insights/metricDefinitions/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web Apps Instances Processes Threads.", "displayName": "Get Web Apps Instances Processes Threads", @@ -1147425,6 +1150051,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", + "displayName": "Perform Function App runtime action", + "name": "Microsoft.Web/sites/hostruntime/host/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Config Snapshots.", "displayName": "Get Web Apps Config Snapshots", @@ -1147432,6 +1150065,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Web Apps List Secrets From Snapshot.", + "displayName": "Web Apps List Secrets From Snapshot", + "name": "microsoft.web/sites/config/snapshots/listsecrets/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Function keys.", + "displayName": "List Web Apps Functions Keys", + "name": "microsoft.web/sites/slots/functions/listkeys/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Functions.", "displayName": "Get Web Apps Slots Functions", @@ -1147439,6 +1150086,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "List Secrets Web Apps Slots Functions.", + "displayName": "List Secrets Web Apps Slots Functions", + "name": "microsoft.web/sites/slots/functions/listsecrets/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Download Web Apps Container Logs.", + "displayName": "Download Web Apps Container Logs", + "name": "microsoft.web/sites/containerlogs/download/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Hostruntime Functions Keys.", "displayName": "Get Web Apps Hostruntime Functions Keys", @@ -1147460,6 +1150121,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Download Web Apps Slots Container Logs.", + "displayName": "Download Web Apps Slots Container Logs", + "name": "microsoft.web/sites/slots/containerlogs/download/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Slots Processes.", "displayName": "Get Web Apps Slots Processes", @@ -1147495,6 +1150163,13 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Delete Web Apps Site Extensions.", + "displayName": "Delete Web Apps Site Extensions", + "name": "microsoft.web/sites/extensions/delete", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Site Extensions.", "displayName": "Get Web Apps Site Extensions", @@ -1147502,6 +1150177,20 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, + { + "description": "Update Web Apps Site Extensions.", + "displayName": "Update Web Apps Site Extensions", + "name": "microsoft.web/sites/extensions/write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Invoke App Service Extensions APIs.", + "displayName": "Invoke App Service Extensions APIs", + "name": "microsoft.web/sites/extensions/api/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, { "description": "Get Web Apps Instances Extensions.", "displayName": "Get Web Apps Instances Extensions", @@ -1147523,13 +1150212,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Read hosting environments log definitions", - "displayName": "Read hosting environments log definitions", - "name": "microsoft.web/hostingenvironments/providers/Microsoft.Insights/logDefinitions/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Read Private Endpoint Connection Proxies", "displayName": "Read Private Endpoint Connection Proxies", @@ -1147538,37 +1150220,37 @@ "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxies", - "displayName": "Read Private Endpoint Connection Proxies", - "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/Read", + "description": "Create or Update Private Endpoint Connection Proxies", + "displayName": "Create or Update Private Endpoint Connection Proxies", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", + "description": "Delete Private Endpoint Connection Proxies", + "displayName": "Delete Private Endpoint Connection Proxies", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnectionProxies/operations/Read", + "description": "Validate Private Endpoint Connection Proxies", + "displayName": "Validate Private Endpoint Connection Proxies", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/validate/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Operations.", - "displayName": "Get Operations", - "name": "microsoft.web/locations/operationResults/read", + "description": "Read Private Endpoint Connection Proxy Operations", + "displayName": "Read Private Endpoint Connection Proxy Operations", + "name": "Microsoft.Web/sites/privateEndpointConnectionProxies/operations/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Operations.", - "displayName": "Get Operations", - "name": "microsoft.web/locations/operations/read", + "description": "Delete Event Grid Filter on web app.", + "displayName": "Delete Event Grid Filter on web app", + "name": "Microsoft.Web/sites/eventGridFilters/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1147580,289 +1150262,289 @@ "providerName": "microsoft.web" }, { - "description": "Get Event Grid Filter on server farm.", - "displayName": "Get Event Grid Filter on server farm", - "name": "Microsoft.Web/serverfarms/eventGridFilters/read", + "description": "Put Event Grid Filter on web app.", + "displayName": "Put Event Grid Filter on web app", + "name": "Microsoft.Web/sites/eventGridFilters/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Event Grid Filter on hosting environment.", - "displayName": "Get Event Grid Filter on hosting environment", - "name": "Microsoft.Web/hostingEnvironments/eventGridFilters/read", + "description": "Update Function keys.", + "displayName": "Update Web Apps Functions Keys", + "name": "microsoft.web/sites/functions/keys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Slots Extensions.", - "displayName": "Get Web Apps Slots Extensions", - "name": "microsoft.web/sites/slots/extensions/read", + "description": "Delete Function keys.", + "displayName": "Delete Web Apps Functions Keys", + "name": "microsoft.web/sites/functions/keys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the health details of an App Service Environment.", - "displayName": "Get the health details of an App Service Environment", - "name": "microsoft.web/hostingenvironments/health/read", + "description": "List Functions Host keys.", + "displayName": "List Web Apps Functions Host Keys", + "name": "microsoft.web/sites/host/listkeys/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Static Site", - "displayName": "Get Static Site", - "name": "Microsoft.Web/staticSites/Read", + "description": "Sync Function Triggers.", + "displayName": "Sync Web Apps Function Triggers", + "name": "microsoft.web/sites/host/sync/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the custom domains for a Static Site", - "displayName": "List Static Site Custom Domains", - "name": "Microsoft.Web/staticSites/customdomains/Read", + "description": "List Sync Function Triggers Status.", + "displayName": "List Web Apps Sync Function Triggers Status", + "name": "microsoft.web/sites/host/listsyncstatus/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a build for a Static Site", - "displayName": "Get Static Site Build", - "name": "Microsoft.Web/staticSites/build/Read", + "description": "Update Functions Host Function keys.", + "displayName": "Update Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/host/functionkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the functions for a Static Site", - "displayName": "List Static Site Functions", - "name": "Microsoft.Web/staticSites/functions/Read", + "description": "Delete Functions Host Function keys.", + "displayName": "Delete Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/host/functionkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Network Configuration.", - "displayName": "Get App Service Network Configuration", - "name": "microsoft.web/sites/networkConfig/read", + "description": "Update Functions Host System keys.", + "displayName": "Update Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/host/systemkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing methods are allowed for a Web App", - "displayName": "List Web App Publishing Credentials Policies", - "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", + "description": "Delete Functions Host System keys.", + "displayName": "Delete Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/host/systemkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List which publishing credentials are allowed for a Web App Slot", - "displayName": "List Web App Slot Publishing Credentials Policies", - "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", + "description": "Get Web Apps Slots Extensions.", + "displayName": "Get Web Apps Slots Extensions", + "name": "microsoft.web/sites/slots/extensions/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/sites/privateEndpointConnections/Read", + "description": "Update Web Apps Slots Extensions.", + "displayName": "Update Web Apps Slots Extensions", + "name": "microsoft.web/sites/slots/extensions/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources.", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/sites/privateLinkResources/Read", + "description": "Invoke App Service Slots Extensions APIs.", + "displayName": "Invoke App Service Slots Extensions APIs.", + "name": "microsoft.web/sites/slots/extensions/api/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Gets the available metrics for Static Site", - "displayName": "Read Static Site metric definitions", - "name": "Microsoft.Web/staticSites/providers/Microsoft.Insights/metricDefinitions/Read", + "description": "Update Function keys.", + "displayName": "Update Web Apps Functions Keys", + "name": "microsoft.web/sites/slots/functions/keys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Endpoint Connection Proxies for a Static Site", - "displayName": "Get Private Endpoint Connection Proxies", - "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/Read", + "description": "Delete Function keys.", + "displayName": "Delete Web Apps Functions Keys", + "name": "microsoft.web/sites/slots/functions/keys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Read Private Endpoint Connection Proxy Operations for a Static Site", - "displayName": "Read Private Endpoint Connection Proxy Operations", - "name": "Microsoft.Web/staticSites/privateEndpointConnectionProxies/operations/Read", + "description": "List Functions Host keys.", + "displayName": "List Web Apps Functions Host Keys", + "name": "microsoft.web/sites/slots/host/listkeys/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a private endpoint connection or the list of private endpoint connections for a static site", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/staticSites/privateEndpointConnections/Read", + "description": "Sync Function Triggers.", + "displayName": "Sync Web Apps Function Triggers", + "name": "microsoft.web/sites/slots/host/sync/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/staticSites/privateLinkResources/Read", + "description": "Update Functions Host Function keys.", + "displayName": "Update Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/slots/host/functionkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a private endpoint connection or the list of private endpoint connections.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Web/hostingEnvironments/privateEndpointConnections/Read", + "description": "Delete Functions Host Function keys.", + "displayName": "Delete Web Apps Functions Host Function Keys", + "name": "microsoft.web/sites/slots/host/functionkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Private Link Resources.", - "displayName": "Get Private Link Resources", - "name": "Microsoft.Web/hostingEnvironments/privateLinkResources/Read", + "description": "Update Functions Host System keys.", + "displayName": "Update Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/slots/host/systemkeys/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Kubernetes Environment", - "displayName": "Get Kubernetes Environment", - "name": "Microsoft.Web/kubeEnvironments/read", + "description": "Delete Functions Host System keys.", + "displayName": "Delete Web Apps Functions Host System Keys", + "name": "microsoft.web/sites/slots/host/systemkeys/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the operations for a Kubernetes Environment", - "displayName": "Get Kubernetes Environment Operations", - "name": "Microsoft.Web/kubeEnvironments/operations/read", + "description": "Get App Service Network Configuration.", + "displayName": "Get App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get networking configuration of an App Service Environment", - "displayName": "Get Networking Configuration", - "name": "Microsoft.Web/hostingEnvironments/configurations/networking/Read", + "description": "Update App Service Network Configuration.", + "displayName": "Update App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Static Site User Provided Function Apps", - "displayName": "Get Static Site User Provided Function Apps", - "name": "Microsoft.Web/staticSites/userProvidedFunctionApps/Read", + "description": "Delete App Service Network Configuration.", + "displayName": "Delete App Service Network Configuration", + "name": "microsoft.web/sites/networkConfig/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Static Site Build User Provided Function Apps", - "displayName": "Get Static Site Build User Provided Function Apps", - "name": "Microsoft.Web/staticSites/builds/userProvidedFunctionApps/Read", + "description": "List which publishing methods are allowed for a Web App", + "displayName": "List Web App Publishing Credentials Policies", + "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web App Slots Config Snapshots.", - "displayName": "Get Web App Slots Config Snapshots", - "name": "microsoft.web/sites/slots/config/snapshots/read", + "description": "List which publishing methods are allowed for a Web App", + "displayName": "List Web App Publishing Credentials Policies", + "name": "Microsoft.Web/sites/basicPublishingCredentialsPolicies/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Gets the available metrics for App Service Environment", - "displayName": "Read App Service Environment metric definitions", - "name": "Microsoft.Web/hostingEnvironments/providers/Microsoft.Insights/metricDefinitions/Read", + "description": "List which publishing credentials are allowed for a Web App Slot", + "displayName": "List Web App Slot Publishing Credentials Policies", + "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List the functions for a Static Site Build", - "displayName": "List Static Site Build Functions", - "name": "Microsoft.Web/staticSites/builds/functions/Read", + "description": "List which publishing credentials are allowed for a Web App Slot", + "displayName": "List Web App Slot Publishing Credentials Policies", + "name": "Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties for a Worker App", - "displayName": "Get Worker App", - "name": "Microsoft.Web/workerApps/read", + "description": "Approve or Reject a private endpoint connection.", + "displayName": "Approve or Reject Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the results of a Worker App operation", - "displayName": "Get Worker App Operation", - "name": "Microsoft.Web/workerApps/operationResults/read", + "description": "Get a Private Endpoint Connection or the list of Private Endpoint Connections.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get App Service Slots Network Configuration.", - "displayName": "Get App Service Slots Network Configuration", - "name": "microsoft.web/sites/slots/networkConfig/read", + "description": "Delete a Private Endpoint Connection.", + "displayName": "Delete Private Endpoint Connection", + "name": "Microsoft.Web/sites/privateEndpointConnections/Delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Gets the available metrics for API Connections", - "displayName": "Read API Connections metric definitions", - "name": "Microsoft.Web/connections/providers/Microsoft.Insights/metricDefinitions/Read", + "description": "Get Private Link Resources.", + "displayName": "Get Private Link Resources", + "name": "Microsoft.Web/sites/privateLinkResources/Read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties for a Container App", - "displayName": "Get container App", - "name": "Microsoft.Web/containerApps/read", + "description": "Get Web App Slots Config Snapshots.", + "displayName": "Get Web App Slots Config Snapshots", + "name": "microsoft.web/sites/slots/config/snapshots/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the results of a Container App operation", - "displayName": "Get Container App Operation", - "name": "Microsoft.Web/containerApps/operationResults/read", + "description": "Web Apps List Slot Secrets From Snapshot.", + "displayName": "Web Apps List Slot Secrets From Snapshot", + "name": "microsoft.web/sites/slots/config/snapshots/listsecrets/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Container App Revision", - "displayName": "Get Container App Revision", - "name": "Microsoft.Web/containerApps/revisions/read", + "description": "Get App Service Slots Network Configuration.", + "displayName": "Get App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get a Container App Source Control", - "displayName": "Get Container App Source Control", - "name": "Microsoft.Web/containerApps/sourcecontrols/read", + "description": "Update App Service Slots Network Configuration.", + "displayName": "Update App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "description": "Delete App Service Slots Network Configuration.", + "displayName": "Delete App Service Slots Network Configuration", + "name": "microsoft.web/sites/slots/networkConfig/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get info about custom hostnames under subscription.", - "displayName": "Get custom hostnames under subscription", - "name": "Microsoft.Web/customhostnameSites/Read", + "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", + "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the list of recommendations for App Service Plan.", - "displayName": "Get recommendations for App Service Plan", - "name": "Microsoft.Web/serverfarms/recommendations/Read", + "description": "Run Web Apps Hostruntime Workflow Trigger.", + "displayName": "Run Web Apps Hostruntime Workflow Trigger", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get the properties of a Deleted Web App at location", - "displayName": "Get Deleted Web App at location", - "name": "Microsoft.Web/locations/deletedSites/Read", + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, @@ -1147873,69 +1150555,6 @@ "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, - { - "description": "Get Static Site Linked Backends", - "displayName": "Get Static Site Linked Backends", - "name": "Microsoft.Web/staticSites/linkedBackends/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Static Site Build Linked Backends", - "displayName": "Get Static Site Build Linked Backends", - "name": "Microsoft.Web/staticSites/builds/linkedBackends/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Certificates Operation Results.", - "displayName": "Get Certificates Operation Results", - "name": "microsoft.web/certificates/operationresults/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Function App Stacks.", - "displayName": "Get Function App Stacks", - "name": "microsoft.web/functionappstacks/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Function App Stacks for location.", - "displayName": "Get Function App Stacks for location", - "name": "microsoft.web/locations/functionappstacks/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Hosting Environment Configurations.", - "displayName": "Get Hosting Environment Configurations", - "name": "microsoft.web/hostingenvironments/configurations/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get first party Azure Key vault referenced settings for App Service Plan.", - "displayName": "Get App Service Plan Key Vault first party settings", - "name": "microsoft.web/serverfarms/firstpartyapps/keyvaultsettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App Stacks.", - "displayName": "Get Web App Stacks", - "name": "microsoft.web/webappstacks/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App Stacks for location.", - "displayName": "Get Web App Stacks for location", - "name": "microsoft.web/locations/webappstacks/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, { "description": "Get Web App settings.", "displayName": "Get Web App settings", @@ -1147965,205 +1150584,107 @@ "providerName": "microsoft.web" }, { - "description": "Get Web App Single App setting.", - "displayName": "Get Web App Single App setting", - "name": "microsoft.web/sites/config/web/appsettings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App single connectionstring", - "displayName": "Get Web App single connection string", - "name": "microsoft.web/sites/config/web/connectionstrings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web App Slot's single connection string", - "displayName": "Get Web App Slot's single connection string", - "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List the workflows in a Logic App.", - "displayName": "List the workflows in a Logic App", - "name": "microsoft.web/sites/workflows/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "List the workflows in a deployment slot in a Logic App.", - "displayName": "List the workflows in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/workflows/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get logic app's configuration information by its ID in a Logic App.", - "displayName": "Get logic app's configuration information by its ID in a Logic App", - "name": "microsoft.web/sites/workflowsconfiguration/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get logic app's configuration information by its ID in a deployment slot in a Logic App.", - "displayName": "Get logic app's configuration information by its ID in a deployment slot in a Logic App", - "name": "microsoft.web/sites/slots/workflowsconfiguration/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Static Site Database Connection", - "displayName": "Get Static Site Database Connections", - "name": "Microsoft.Web/staticSites/databaseConnections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Static Site Build Database Connections", - "displayName": "Get Static Site Build Database Connections", - "name": "Microsoft.Web/staticSites/builds/databaseConnections/Read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Lists free trial static web apps.", - "displayName": "List free trial static web apps", - "name": "Microsoft.Web/freeTrialStaticWebApps/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Apply web app slot configuration from target slot to the current web app", - "displayName": "Apply Web App Configuration", - "name": "Microsoft.Web/sites/applySlotConfig/Action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Function App's master key for admin operations", - "displayName": "Get Function App master key", - "name": "Microsoft.Web/sites/hostruntime/host/_master/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", - "displayName": "Perform Function App runtime action", - "name": "Microsoft.Web/sites/hostruntime/host/action", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Functions Keys.", - "displayName": "Get Web Apps Hostruntime Functions Keys", - "name": "microsoft.web/sites/hostruntime/functions/keys/read", - "providerDisplayName": "Microsoft Web Apps", - "providerName": "microsoft.web" - }, - { - "description": "Get Web Apps Hostruntime Host.", - "displayName": "Get Web Apps Hostruntime Host", - "name": "microsoft.web/sites/hostruntime/host/read", + "description": "Create or Update Web App Slot's Single App setting", + "displayName": "Create or Update Web App Slot's Single App setting", + "name": "microsoft.web/sites/slots/config/appsettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Triggers.", - "displayName": "List Web Apps Hostruntime Workflow Triggers", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "description": "Get Web App Single App setting.", + "displayName": "Get Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", - "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", + "description": "Create or Update Web App Single App setting", + "displayName": "Create or Update Web App Single App setting", + "name": "microsoft.web/sites/config/web/appsettings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Run Web Apps Hostruntime Workflow Trigger.", - "displayName": "Run Web Apps Hostruntime Workflow Trigger", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", + "description": "Delete Web Apps App Setting", + "displayName": "Delete Web Apps App Setting", + "name": "microsoft.web/sites/config/web/appsettings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "List Web Apps Hostruntime Workflow Runs.", - "displayName": "List Web Apps Hostruntime Workflow Runs", - "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "description": "Delete Web App Slot's App Setting", + "displayName": "Delete Web App Slot's App Setting", + "name": "microsoft.web/sites/slots/config/web/appsettings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restart a Web App", - "displayName": "Restart Web App", - "name": "Microsoft.Web/sites/restart/Action", + "description": "Get Web App single connectionstring", + "displayName": "Get Web App single connection string", + "name": "microsoft.web/sites/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Restart a Web App Slot", - "displayName": "Restart Web App Slot", - "name": "Microsoft.Web/sites/slots/restart/Action", + "description": "Get Web App single App setting.", + "displayName": "Create or Update Web App single sonnection string", + "name": "microsoft.web/sites/config/web/connectionstrings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slots/slotsswap/Action", + "description": "Delete Web App single connection string", + "displayName": "Delete Web App single connection string", + "name": "microsoft.web/sites/config/web/connectionstrings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Start a Web App Slot", - "displayName": "Start Web App Slot", - "name": "Microsoft.Web/sites/slots/start/Action", + "description": "Get Web App Slot's single connection string", + "displayName": "Get Web App Slot's single connection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Stop a Web App Slot", - "displayName": "Stop Web App Slot", - "name": "Microsoft.Web/sites/slots/stop/Action", + "description": "Create or Update Web App Slot's single sonnection string", + "displayName": "Create or Update Web App Slot's single sonnection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/write", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Get differences in configuration between web app and slots", - "displayName": "Get Web App Slots Differences", - "name": "Microsoft.Web/sites/slotsdiffs/Action", + "description": "Delete Web App slot's single connection string", + "displayName": "Delete Web App slot's single connection string", + "name": "microsoft.web/sites/slots/config/web/connectionstrings/delete", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Swap Web App deployment slots", - "displayName": "Swap Web App Slots", - "name": "Microsoft.Web/sites/slotsswap/Action", + "description": "List the workflows in a Logic App.", + "displayName": "List the workflows in a Logic App", + "name": "microsoft.web/sites/workflows/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Start a Web App", - "displayName": "Start Web App", - "name": "Microsoft.Web/sites/start/Action", + "description": "List the workflows in a deployment slot in a Logic App.", + "displayName": "List the workflows in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/workflows/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Stop a Web App", - "displayName": "Stop Web App", - "name": "Microsoft.Web/sites/stop/Action", + "description": "Get logic app's configuration information by its ID in a Logic App.", + "displayName": "Get logic app's configuration information by its ID in a Logic App", + "name": "microsoft.web/sites/workflowsconfiguration/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" }, { - "description": "Create a new Web App or update an existing one", - "displayName": "Create or Update Web App", - "name": "Microsoft.Web/sites/Write", + "description": "Get logic app's configuration information by its ID in a deployment slot in a Logic App.", + "displayName": "Get logic app's configuration information by its ID in a deployment slot in a Logic App", + "name": "microsoft.web/sites/slots/workflowsconfiguration/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" } @@ -1148179,18 +1150700,12 @@ "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Support/*", "Microsoft.Web/*/read", - "Microsoft.Web/sites/applySlotConfig/Action", - "microsoft.web/sites/hostruntime/*", - "Microsoft.Web/sites/restart/Action", - "Microsoft.Web/sites/slots/restart/Action", - "Microsoft.Web/sites/slots/slotsswap/Action", - "Microsoft.Web/sites/slots/start/Action", - "Microsoft.Web/sites/slots/stop/Action", - "Microsoft.Web/sites/slotsdiffs/Action", - "Microsoft.Web/sites/slotsswap/Action", - "Microsoft.Web/sites/start/Action", - "Microsoft.Web/sites/stop/Action", - "Microsoft.Web/sites/write" + "Microsoft.Web/certificates/*", + "Microsoft.Web/connectionGateways/*", + "Microsoft.Web/connections/*", + "Microsoft.Web/customApis/*", + "Microsoft.Web/serverFarms/*", + "Microsoft.Web/sites/*" ], "condition": null, "conditionVersion": null, @@ -1148201,10 +1150716,10 @@ ] }, { - "description": "You have read-only access to all resources in a Standard logic app and workflows, including the workflow runs and their history.", + "description": "You can enable and disable the logic app, resubmit workflow runs, as well as create connections. You can't edit workflows or settings.", "hasExternal": false, "hasUnknown": false, - "name": "Logic Apps Standard Reader (Preview)", + "name": "Logic Apps Standard Operator (Preview)", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1150571,6 +1153086,139 @@ "name": "Microsoft.Web/freeTrialStaticWebApps/read", "providerDisplayName": "Microsoft Web Apps", "providerName": "microsoft.web" + }, + { + "description": "Apply web app slot configuration from target slot to the current web app", + "displayName": "Apply Web App Configuration", + "name": "Microsoft.Web/sites/applySlotConfig/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Function App's master key for admin operations", + "displayName": "Get Function App master key", + "name": "Microsoft.Web/sites/hostruntime/host/_master/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Perform Function App runtime action like sync triggers, add functions, invoke functions, delete functions etc.", + "displayName": "Perform Function App runtime action", + "name": "Microsoft.Web/sites/hostruntime/host/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Functions Keys.", + "displayName": "Get Web Apps Hostruntime Functions Keys", + "name": "microsoft.web/sites/hostruntime/functions/keys/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Host.", + "displayName": "Get Web Apps Hostruntime Host", + "name": "microsoft.web/sites/hostruntime/host/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Hostruntime Workflow Triggers.", + "displayName": "List Web Apps Hostruntime Workflow Triggers", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get Web Apps Hostruntime Workflow Trigger Uri.", + "displayName": "Get Web Apps Hostruntime Workflow Trigger Uri", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/listCallbackUrl/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Run Web Apps Hostruntime Workflow Trigger.", + "displayName": "Run Web Apps Hostruntime Workflow Trigger", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/triggers/run/action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "List Web Apps Hostruntime Workflow Runs.", + "displayName": "List Web Apps Hostruntime Workflow Runs", + "name": "microsoft.web/sites/hostruntime/webhooks/api/workflows/runs/read", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart a Web App", + "displayName": "Restart Web App", + "name": "Microsoft.Web/sites/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Restart a Web App Slot", + "displayName": "Restart Web App Slot", + "name": "Microsoft.Web/sites/slots/restart/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slots/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start a Web App Slot", + "displayName": "Start Web App Slot", + "name": "Microsoft.Web/sites/slots/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop a Web App Slot", + "displayName": "Stop Web App Slot", + "name": "Microsoft.Web/sites/slots/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Get differences in configuration between web app and slots", + "displayName": "Get Web App Slots Differences", + "name": "Microsoft.Web/sites/slotsdiffs/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Swap Web App deployment slots", + "displayName": "Swap Web App Slots", + "name": "Microsoft.Web/sites/slotsswap/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Start a Web App", + "displayName": "Start Web App", + "name": "Microsoft.Web/sites/start/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Stop a Web App", + "displayName": "Stop Web App", + "name": "Microsoft.Web/sites/stop/Action", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" + }, + { + "description": "Create a new Web App or update an existing one", + "displayName": "Create or Update Web App", + "name": "Microsoft.Web/sites/Write", + "providerDisplayName": "Microsoft Web Apps", + "providerName": "microsoft.web" } ], "permittedDataActions": [], @@ -1150583,7 +1153231,19 @@ "Microsoft.Resources/subscriptions/operationresults/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Support/*", - "Microsoft.Web/*/read" + "Microsoft.Web/*/read", + "Microsoft.Web/sites/applySlotConfig/Action", + "microsoft.web/sites/hostruntime/*", + "Microsoft.Web/sites/restart/Action", + "Microsoft.Web/sites/slots/restart/Action", + "Microsoft.Web/sites/slots/slotsswap/Action", + "Microsoft.Web/sites/slots/start/Action", + "Microsoft.Web/sites/slots/stop/Action", + "Microsoft.Web/sites/slotsdiffs/Action", + "Microsoft.Web/sites/slotsswap/Action", + "Microsoft.Web/sites/start/Action", + "Microsoft.Web/sites/stop/Action", + "Microsoft.Web/sites/write" ], "condition": null, "conditionVersion": null, @@ -1150764,10 +1153424,10 @@ ] }, { - "description": "Allows for Importing Elastic San Volume", + "description": "Allows for creating and exporting Snapshot of Elastic San Volume", "hasExternal": false, "hasUnknown": false, - "name": "Elastic SAN Volume Importer", + "name": "Elastic SAN Snapshot Exporter", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1150972,6 +1153632,27 @@ "providerDisplayName": "MicrosoftElasticSan", "providerName": "Microsoft.ElasticSan" }, + { + "description": "List VolumeGroups by ElasticSan", + "displayName": "List VolumeGroups by ElasticSan", + "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/read", + "providerDisplayName": "MicrosoftElasticSan", + "providerName": "Microsoft.ElasticSan" + }, + { + "description": null, + "displayName": null, + "name": "Microsoft.ElasticSan/elasticSans/privateEndpointConnectionProxies/read", + "providerDisplayName": "MicrosoftElasticSan", + "providerName": "Microsoft.ElasticSan" + }, + { + "description": null, + "displayName": null, + "name": "Microsoft.ElasticSan/elasticSans/privateLinkResources/read", + "providerDisplayName": "MicrosoftElasticSan", + "providerName": "Microsoft.ElasticSan" + }, { "description": null, "displayName": null, @@ -1150980,9 +1153661,23 @@ "providerName": "Microsoft.ElasticSan" }, { - "description": "Create/Update Volume", - "displayName": "Create/Update Volume", - "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write", + "description": null, + "displayName": null, + "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write", + "providerDisplayName": "MicrosoftElasticSan", + "providerName": "Microsoft.ElasticSan" + }, + { + "description": "Delete Volume Snapshot", + "displayName": "Delete Volume Snapshot", + "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete", + "providerDisplayName": "MicrosoftElasticSan", + "providerName": "Microsoft.ElasticSan" + }, + { + "description": null, + "displayName": null, + "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action", "providerDisplayName": "MicrosoftElasticSan", "providerName": "Microsoft.ElasticSan" }, @@ -1151253,16 +1153948,16 @@ "providerName": "Microsoft.Compute" }, { - "description": "Get the SAS URI of the Disk for blob access", - "displayName": "Get Disk SAS URI", - "name": "Microsoft.Compute/disks/beginGetAccess/action", + "description": "Creates a new Disk or updates an existing one", + "displayName": "Create or Update Disk", + "name": "Microsoft.Compute/disks/write", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" }, { - "description": "Revoke the SAS URI of the Disk", - "displayName": "Revoke Disk SAS URI", - "name": "Microsoft.Compute/disks/endGetAccess/action", + "description": "Deletes the Disk", + "displayName": "Delete Disk", + "name": "Microsoft.Compute/disks/delete", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" }, @@ -1151274,16 +1153969,16 @@ "providerName": "Microsoft.Compute" }, { - "description": "Get the SAS URI of the Snapshot for blob access", - "displayName": "Get Snapshot SAS URI", - "name": "Microsoft.Compute/snapshots/beginGetAccess/action", + "description": "Create a new Snapshot or update an existing one", + "displayName": "Create or Update Snapshot", + "name": "Microsoft.Compute/snapshots/write", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" }, { - "description": "Revoke the SAS URI of the Snapshot", - "displayName": "Revoke Snapshot SAS URI", - "name": "Microsoft.Compute/snapshots/endGetAccess/action", + "description": "Delete a Snapshot", + "displayName": "Delete Snapshot", + "name": "Microsoft.Compute/snapshots/delete", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" } @@ -1151294,16 +1153989,18 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ElasticSan/elasticSans/volumeGroups/*/read", - "Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write", + "Microsoft.ElasticSan/elasticSans/*/read", + "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write", + "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete", + "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action", "Microsoft.ElasticSan/locations/*", "Microsoft.Compute/locations/*", "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/beginGetAccess/action", - "Microsoft.Compute/disks/endGetAccess/action", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/disks/delete", "Microsoft.Compute/snapshots/read", - "Microsoft.Compute/snapshots/beginGetAccess/action", - "Microsoft.Compute/snapshots/endGetAccess/action" + "Microsoft.Compute/snapshots/write", + "Microsoft.Compute/snapshots/delete" ], "condition": null, "conditionVersion": null, @@ -1151314,10 +1154011,10 @@ ] }, { - "description": "Allows for creating and exporting Snapshot of Elastic San Volume", + "description": "Allows for Importing Elastic San Volume", "hasExternal": false, "hasUnknown": false, - "name": "Elastic SAN Snapshot Exporter", + "name": "Elastic SAN Volume Importer", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1151522,27 +1154219,6 @@ "providerDisplayName": "MicrosoftElasticSan", "providerName": "Microsoft.ElasticSan" }, - { - "description": "List VolumeGroups by ElasticSan", - "displayName": "List VolumeGroups by ElasticSan", - "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/read", - "providerDisplayName": "MicrosoftElasticSan", - "providerName": "Microsoft.ElasticSan" - }, - { - "description": null, - "displayName": null, - "name": "Microsoft.ElasticSan/elasticSans/privateEndpointConnectionProxies/read", - "providerDisplayName": "MicrosoftElasticSan", - "providerName": "Microsoft.ElasticSan" - }, - { - "description": null, - "displayName": null, - "name": "Microsoft.ElasticSan/elasticSans/privateLinkResources/read", - "providerDisplayName": "MicrosoftElasticSan", - "providerName": "Microsoft.ElasticSan" - }, { "description": null, "displayName": null, @@ -1151551,23 +1154227,9 @@ "providerName": "Microsoft.ElasticSan" }, { - "description": null, - "displayName": null, - "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write", - "providerDisplayName": "MicrosoftElasticSan", - "providerName": "Microsoft.ElasticSan" - }, - { - "description": "Delete Volume Snapshot", - "displayName": "Delete Volume Snapshot", - "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete", - "providerDisplayName": "MicrosoftElasticSan", - "providerName": "Microsoft.ElasticSan" - }, - { - "description": null, - "displayName": null, - "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action", + "description": "Create/Update Volume", + "displayName": "Create/Update Volume", + "name": "Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write", "providerDisplayName": "MicrosoftElasticSan", "providerName": "Microsoft.ElasticSan" }, @@ -1151838,16 +1154500,16 @@ "providerName": "Microsoft.Compute" }, { - "description": "Creates a new Disk or updates an existing one", - "displayName": "Create or Update Disk", - "name": "Microsoft.Compute/disks/write", + "description": "Get the SAS URI of the Disk for blob access", + "displayName": "Get Disk SAS URI", + "name": "Microsoft.Compute/disks/beginGetAccess/action", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" }, { - "description": "Deletes the Disk", - "displayName": "Delete Disk", - "name": "Microsoft.Compute/disks/delete", + "description": "Revoke the SAS URI of the Disk", + "displayName": "Revoke Disk SAS URI", + "name": "Microsoft.Compute/disks/endGetAccess/action", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" }, @@ -1151859,16 +1154521,16 @@ "providerName": "Microsoft.Compute" }, { - "description": "Create a new Snapshot or update an existing one", - "displayName": "Create or Update Snapshot", - "name": "Microsoft.Compute/snapshots/write", + "description": "Get the SAS URI of the Snapshot for blob access", + "displayName": "Get Snapshot SAS URI", + "name": "Microsoft.Compute/snapshots/beginGetAccess/action", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" }, { - "description": "Delete a Snapshot", - "displayName": "Delete Snapshot", - "name": "Microsoft.Compute/snapshots/delete", + "description": "Revoke the SAS URI of the Snapshot", + "displayName": "Revoke Snapshot SAS URI", + "name": "Microsoft.Compute/snapshots/endGetAccess/action", "providerDisplayName": "Microsoft Compute", "providerName": "Microsoft.Compute" } @@ -1151879,18 +1154541,16 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.ElasticSan/elasticSans/*/read", - "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/write", - "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/delete", - "Microsoft.ElasticSan/elasticSans/volumeGroups/snapshots/beginGetAccess/action", + "Microsoft.ElasticSan/elasticSans/volumeGroups/*/read", + "Microsoft.ElasticSan/elasticSans/volumeGroups/volumes/write", "Microsoft.ElasticSan/locations/*", "Microsoft.Compute/locations/*", "Microsoft.Compute/disks/read", - "Microsoft.Compute/disks/write", - "Microsoft.Compute/disks/delete", + "Microsoft.Compute/disks/beginGetAccess/action", + "Microsoft.Compute/disks/endGetAccess/action", "Microsoft.Compute/snapshots/read", - "Microsoft.Compute/snapshots/write", - "Microsoft.Compute/snapshots/delete" + "Microsoft.Compute/snapshots/beginGetAccess/action", + "Microsoft.Compute/snapshots/endGetAccess/action" ], "condition": null, "conditionVersion": null, @@ -1154445,16 +1157105,30 @@ ] }, { - "description": "Execute requests against DeID realtime endpoint. This role is in preview and subject to change.", + "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", "hasExternal": false, "hasUnknown": false, - "name": "DeID Realtime Data User", + "name": "DeID Batch Data Owner", "permittedActions": [], "permittedDataActions": [ { - "description": "Allows access to realtime the endpoint", - "displayName": "Allows acces to the realtime endpoint", - "name": "Microsoft.HealthDataAIServices/DeidServices/Realtime/action", + "description": "Creates batches", + "displayName": "Creates a new batch operation", + "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "providerDisplayName": "Microsoft.HealthDataAIServices", + "providerName": "Microsoft.HealthDataAIServices" + }, + { + "description": "Deletes a batch", + "displayName": "Deletes an existing batch operation", + "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", + "providerDisplayName": "Microsoft.HealthDataAIServices", + "providerName": "Microsoft.HealthDataAIServices" + }, + { + "description": "Reads a batch", + "displayName": "Get/List an existing batch operation", + "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/read", "providerDisplayName": "Microsoft.HealthDataAIServices", "providerName": "Microsoft.HealthDataAIServices" } @@ -1154465,7 +1157139,9 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Realtime/action" + "Microsoft.HealthDataAIServices/DeidServices/Batch/write", + "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", + "Microsoft.HealthDataAIServices/DeidServices/Batch/read" ], "notActions": [], "notDataActions": [] @@ -1154504,30 +1157180,16 @@ ] }, { - "description": "Create and manage DeID batch jobs. This role is in preview and subject to change.", + "description": "Execute requests against DeID realtime endpoint. This role is in preview and subject to change.", "hasExternal": false, "hasUnknown": false, - "name": "DeID Batch Data Owner", + "name": "DeID Realtime Data User", "permittedActions": [], "permittedDataActions": [ { - "description": "Creates batches", - "displayName": "Creates a new batch operation", - "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "providerDisplayName": "Microsoft.HealthDataAIServices", - "providerName": "Microsoft.HealthDataAIServices" - }, - { - "description": "Deletes a batch", - "displayName": "Deletes an existing batch operation", - "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", - "providerDisplayName": "Microsoft.HealthDataAIServices", - "providerName": "Microsoft.HealthDataAIServices" - }, - { - "description": "Reads a batch", - "displayName": "Get/List an existing batch operation", - "name": "Microsoft.HealthDataAIServices/DeidServices/Batch/read", + "description": "Allows access to realtime the endpoint", + "displayName": "Allows acces to the realtime endpoint", + "name": "Microsoft.HealthDataAIServices/DeidServices/Realtime/action", "providerDisplayName": "Microsoft.HealthDataAIServices", "providerName": "Microsoft.HealthDataAIServices" } @@ -1154538,9 +1157200,7 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthDataAIServices/DeidServices/Batch/write", - "Microsoft.HealthDataAIServices/DeidServices/Batch/delete", - "Microsoft.HealthDataAIServices/DeidServices/Batch/read" + "Microsoft.HealthDataAIServices/DeidServices/Realtime/action" ], "notActions": [], "notDataActions": [] @@ -1155727,6 +1158387,962 @@ } ] }, + { + "description": "Grants permissions to perform all VM actions", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Stack HCI VM Contributor", + "permittedActions": [ + { + "description": "Restarts virtual machine resource", + "displayName": "Restarts virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Restart/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Starts virtual machine resource", + "displayName": "Starts virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Start/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Stops virtual machine resource", + "displayName": "Stops virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Stop/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes virtual machine resource", + "displayName": "Deletes virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates virtual machine resource", + "displayName": "Creates/Updates virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine resource", + "displayName": "Gets/Lists virtual machine resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine hybrid identity metadata proxy resource", + "displayName": "Gets/Lists virtual machine hybrid identity metadata proxy resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/HybridIdentityMetadata/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine extensions resource", + "displayName": "Gets/Lists virtual machine extensions resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates virtual machine extensions resource", + "displayName": "Creates/Updates virtual machine extensions resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes virtual machine extensions resource", + "displayName": "Deletes virtual machine extensions resource", + "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Restarts virtual machine instance resource", + "displayName": "Restarts virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Restart/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Starts virtual machine instance resource", + "displayName": "Starts virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Start/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Stops virtual machine instance resource", + "displayName": "Stops virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Stop/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Pauses virtual machine instance resource", + "displayName": "Pauses virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Pause/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Saves virtual machine instance resource", + "displayName": "Saves virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Save/Action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes virtual machine instance resource", + "displayName": "Deletes virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates virtual machine instance resource", + "displayName": "Creates/Updates virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine instance resource", + "displayName": "Gets/Lists virtual machine instance resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", + "displayName": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/HybridIdentityMetadata/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual machine instance's attestation status", + "displayName": "Gets/Lists virtual machine instance's attestation status", + "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/attestationStatus/read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes network interfaces resource", + "displayName": "Deletes network interfaces resource", + "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates network interfaces resource", + "displayName": "Creates/Updates network interfaces resource", + "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists network interfaces resource", + "displayName": "Gets/Lists network interfaces resource", + "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deletes virtual hard disk resource", + "displayName": "Deletes virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Delete", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Creates/Updates virtual hard disk resource", + "displayName": "Creates/Updates virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Write", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual hard disk resource", + "displayName": "Gets/Lists virtual hard disk resource", + "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists virtual networks resource", + "displayName": "Gets/Lists virtual networks resource", + "name": "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Joins virtual networks resource", + "displayName": "Joins virtual networks resource", + "name": "Microsoft.AzureStackHCI/VirtualNetworks/join/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists logical networks resource", + "displayName": "Gets/Lists logical networks resource", + "name": "Microsoft.AzureStackHCI/LogicalNetworks/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Joins logical networks resource", + "displayName": "Joins logical networks resource", + "name": "Microsoft.AzureStackHCI/LogicalNetworks/join/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists gallery images resource", + "displayName": "Gets/Lists gallery images resource", + "name": "Microsoft.AzureStackHCI/GalleryImages/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deploys gallery images resource", + "displayName": "Deploys gallery images resource", + "name": "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists storage containers resource", + "displayName": "Gets/Lists storage containers resource", + "name": "Microsoft.AzureStackHCI/StorageContainers/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deploys storage containers resource", + "displayName": "Deploys storage containers resource", + "name": "Microsoft.AzureStackHCI/StorageContainers/deploy/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists market place gallery images resource", + "displayName": "Gets/Lists market place gallery images resource", + "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Deploys market place gallery images resource", + "displayName": "Deploys market place gallery images resource", + "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets clusters", + "displayName": "Gets/List cluster resources", + "name": "Microsoft.AzureStackHCI/Clusters/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets arc resource of HCI cluster", + "displayName": "Gets/List arc resources", + "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists a network security group resource", + "displayName": "Gets/Lists a network security group resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Gets/Lists security rule resource", + "displayName": "Gets/Lists security rule resource", + "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "providerDisplayName": "Microsoft.AzureStackHCI", + "providerName": "Microsoft.AzureStackHCI" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the availability statuses for all resources in the specified scope", + "displayName": "Get Availability Statuses", + "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", + "providerDisplayName": "Microsoft ResourceHealth", + "providerName": "Microsoft.ResourceHealth" + }, + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Read any Azure Arc machines", + "displayName": "Read Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Writes an Azure Arc machines", + "displayName": "Write Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc machines", + "displayName": "Delete Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Upgrades Extensions on Azure Arc machines", + "displayName": "Upgrade Extensions on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Assesses any Azure Arc machines to get missing software patches", + "displayName": "Assess Azure Arc machines to get missing software patches", + "name": "Microsoft.HybridCompute/machines/assessPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs patches on any Azure Arc machines", + "displayName": "Install patches on Azure Arc machines", + "name": "Microsoft.HybridCompute/machines/installPatches/action", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc extensions", + "displayName": "Read Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc extensions", + "displayName": "Install or Update an Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc extensions", + "displayName": "Delete Azure Arc extensions", + "name": "Microsoft.HybridCompute/machines/extensions/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Operations for Azure Arc for Servers", + "displayName": "Read all Operations", + "name": "Microsoft.HybridCompute/operations/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationresults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", + "displayName": "Read Operation Results", + "name": "Microsoft.HybridCompute/locations/operationstatus/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults", + "displayName": "Read Azure Arc patchAssessmentResults", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", + "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults", + "displayName": "Read Azure Arc patchInstallationResults", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", + "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", + "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads the status of an update center operation on machines", + "displayName": "Read Update Center Operation Results", + "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read any Azure Arc machines's Hybrid Identity Metadata", + "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", + "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read all Azure Connected Machine Agent versions available", + "displayName": "Read all Azure Connected Machine Agent versions available", + "name": "Microsoft.HybridCompute/osType/agentVersions/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Read the latest Azure Connected Machine Agent version", + "displayName": "Read the latest Azure Connected Machine Agent version", + "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc runcommands", + "displayName": "Read Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc runcommands", + "displayName": "Install or Update an Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc runcommands", + "displayName": "Delete Azure Arc runcommands", + "name": "Microsoft.HybridCompute/machines/runcommands/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenseProfiles", + "displayName": "Read Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenseProfiles", + "displayName": "Install or Update an Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenseProfiles", + "displayName": "Delete Azure Arc licenseProfiles", + "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Reads any Azure Arc licenses", + "displayName": "Read Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/read", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Installs or Updates an Azure Arc licenses", + "displayName": "Install or Update an Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/write", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Deletes an Azure Arc licenses", + "displayName": "Delete Azure Arc licenses", + "name": "Microsoft.HybridCompute/licenses/delete", + "providerDisplayName": "Microsoft HybridCompute", + "providerName": "Microsoft.HybridCompute" + }, + { + "description": "Gets an Custom Location resource", + "displayName": "Get Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/read", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" + }, + { + "description": "Deploy permissions to a Custom Location resource", + "displayName": "Deploy permissions to Custom Location", + "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", + "providerDisplayName": "Microsoft.ExtendedLocation", + "providerName": "Microsoft.ExtendedLocation" + }, + { + "description": "Gets extension instance resource.", + "displayName": "Microsoft.KubernetesConfiguration/extensions/read", + "name": "Microsoft.KubernetesConfiguration/extensions/read", + "providerDisplayName": "Microsoft Kubernetes Configuration", + "providerName": "Microsoft.KubernetesConfiguration" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.AzureStackHCI/VirtualMachines/*", + "Microsoft.AzureStackHCI/virtualMachineInstances/*", + "Microsoft.AzureStackHCI/NetworkInterfaces/*", + "Microsoft.AzureStackHCI/VirtualHardDisks/*", + "Microsoft.AzureStackHCI/VirtualNetworks/Read", + "Microsoft.AzureStackHCI/VirtualNetworks/join/action", + "Microsoft.AzureStackHCI/LogicalNetworks/Read", + "Microsoft.AzureStackHCI/LogicalNetworks/join/action", + "Microsoft.AzureStackHCI/GalleryImages/Read", + "Microsoft.AzureStackHCI/GalleryImages/deploy/action", + "Microsoft.AzureStackHCI/StorageContainers/Read", + "Microsoft.AzureStackHCI/StorageContainers/deploy/action", + "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", + "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", + "Microsoft.AzureStackHCI/Clusters/Read", + "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", + "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", + "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", + "Microsoft.Insights/AlertRules/Write", + "Microsoft.Insights/AlertRules/Delete", + "Microsoft.Insights/AlertRules/Read", + "Microsoft.Insights/AlertRules/Activated/Action", + "Microsoft.Insights/AlertRules/Resolved/Action", + "Microsoft.Insights/AlertRules/Throttled/Action", + "Microsoft.Insights/AlertRules/Incidents/Read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", + "Microsoft.Resources/deployments/delete", + "Microsoft.Resources/deployments/cancel/action", + "Microsoft.Resources/deployments/validate/action", + "Microsoft.Resources/deployments/whatIf/action", + "Microsoft.Resources/deployments/exportTemplate/action", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/deployments/operationstatuses/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Authorization/*/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.HybridCompute/machines/read", + "Microsoft.HybridCompute/machines/write", + "Microsoft.HybridCompute/machines/delete", + "Microsoft.HybridCompute/machines/UpgradeExtensions/action", + "Microsoft.HybridCompute/machines/assessPatches/action", + "Microsoft.HybridCompute/machines/installPatches/action", + "Microsoft.HybridCompute/machines/extensions/read", + "Microsoft.HybridCompute/machines/extensions/write", + "Microsoft.HybridCompute/machines/extensions/delete", + "Microsoft.HybridCompute/operations/read", + "Microsoft.HybridCompute/locations/operationresults/read", + "Microsoft.HybridCompute/locations/operationstatus/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/read", + "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/read", + "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", + "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", + "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", + "Microsoft.HybridCompute/osType/agentVersions/read", + "Microsoft.HybridCompute/osType/agentVersions/latest/read", + "Microsoft.HybridCompute/machines/runcommands/read", + "Microsoft.HybridCompute/machines/runcommands/write", + "Microsoft.HybridCompute/machines/runcommands/delete", + "Microsoft.HybridCompute/machines/licenseProfiles/read", + "Microsoft.HybridCompute/machines/licenseProfiles/write", + "Microsoft.HybridCompute/machines/licenseProfiles/delete", + "Microsoft.HybridCompute/licenses/read", + "Microsoft.HybridCompute/licenses/write", + "Microsoft.HybridCompute/licenses/delete", + "Microsoft.ExtendedLocation/customLocations/Read", + "Microsoft.ExtendedLocation/customLocations/deploy/action", + "Microsoft.KubernetesConfiguration/extensions/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Grants permissions to view VMs", "hasExternal": false, @@ -1159623,962 +1163239,6 @@ } ] }, - { - "description": "Grants permissions to perform all VM actions", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Stack HCI VM Contributor", - "permittedActions": [ - { - "description": "Restarts virtual machine resource", - "displayName": "Restarts virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Restart/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Starts virtual machine resource", - "displayName": "Starts virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Start/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Stops virtual machine resource", - "displayName": "Stops virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Stop/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual machine resource", - "displayName": "Deletes virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual machine resource", - "displayName": "Creates/Updates virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine resource", - "displayName": "Gets/Lists virtual machine resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine hybrid identity metadata proxy resource", - "displayName": "Gets/Lists virtual machine hybrid identity metadata proxy resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/HybridIdentityMetadata/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine extensions resource", - "displayName": "Gets/Lists virtual machine extensions resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual machine extensions resource", - "displayName": "Creates/Updates virtual machine extensions resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual machine extensions resource", - "displayName": "Deletes virtual machine extensions resource", - "name": "Microsoft.AzureStackHCI/VirtualMachines/Extensions/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Restarts virtual machine instance resource", - "displayName": "Restarts virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Restart/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Starts virtual machine instance resource", - "displayName": "Starts virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Start/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Stops virtual machine instance resource", - "displayName": "Stops virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Stop/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Pauses virtual machine instance resource", - "displayName": "Pauses virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Pause/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Saves virtual machine instance resource", - "displayName": "Saves virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Save/Action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual machine instance resource", - "displayName": "Deletes virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual machine instance resource", - "displayName": "Creates/Updates virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine instance resource", - "displayName": "Gets/Lists virtual machine instance resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", - "displayName": "Gets/Lists virtual machine instance hybrid identity metadata proxy resource", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/HybridIdentityMetadata/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual machine instance's attestation status", - "displayName": "Gets/Lists virtual machine instance's attestation status", - "name": "Microsoft.AzureStackHCI/VirtualMachineInstances/attestationStatus/read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes network interfaces resource", - "displayName": "Deletes network interfaces resource", - "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates network interfaces resource", - "displayName": "Creates/Updates network interfaces resource", - "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists network interfaces resource", - "displayName": "Gets/Lists network interfaces resource", - "name": "Microsoft.AzureStackHCI/NetworkInterfaces/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deletes virtual hard disk resource", - "displayName": "Deletes virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Delete", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Creates/Updates virtual hard disk resource", - "displayName": "Creates/Updates virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Write", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual hard disk resource", - "displayName": "Gets/Lists virtual hard disk resource", - "name": "Microsoft.AzureStackHCI/VirtualHardDisks/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists virtual networks resource", - "displayName": "Gets/Lists virtual networks resource", - "name": "Microsoft.AzureStackHCI/VirtualNetworks/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Joins virtual networks resource", - "displayName": "Joins virtual networks resource", - "name": "Microsoft.AzureStackHCI/VirtualNetworks/join/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists logical networks resource", - "displayName": "Gets/Lists logical networks resource", - "name": "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Joins logical networks resource", - "displayName": "Joins logical networks resource", - "name": "Microsoft.AzureStackHCI/LogicalNetworks/join/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists gallery images resource", - "displayName": "Gets/Lists gallery images resource", - "name": "Microsoft.AzureStackHCI/GalleryImages/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deploys gallery images resource", - "displayName": "Deploys gallery images resource", - "name": "Microsoft.AzureStackHCI/GalleryImages/deploy/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists storage containers resource", - "displayName": "Gets/Lists storage containers resource", - "name": "Microsoft.AzureStackHCI/StorageContainers/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deploys storage containers resource", - "displayName": "Deploys storage containers resource", - "name": "Microsoft.AzureStackHCI/StorageContainers/deploy/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists market place gallery images resource", - "displayName": "Gets/Lists market place gallery images resource", - "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Deploys market place gallery images resource", - "displayName": "Deploys market place gallery images resource", - "name": "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets clusters", - "displayName": "Gets/List cluster resources", - "name": "Microsoft.AzureStackHCI/Clusters/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets arc resource of HCI cluster", - "displayName": "Gets/List arc resources", - "name": "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists a network security group resource", - "displayName": "Gets/Lists a network security group resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Gets/Lists security rule resource", - "displayName": "Gets/Lists security rule resource", - "name": "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "providerDisplayName": "Microsoft.AzureStackHCI", - "providerName": "Microsoft.AzureStackHCI" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the availability statuses for all resources in the specified scope", - "displayName": "Get Availability Statuses", - "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", - "providerDisplayName": "Microsoft ResourceHealth", - "providerName": "Microsoft.ResourceHealth" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Read any Azure Arc machines", - "displayName": "Read Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Writes an Azure Arc machines", - "displayName": "Write Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc machines", - "displayName": "Delete Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Upgrades Extensions on Azure Arc machines", - "displayName": "Upgrade Extensions on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Assesses any Azure Arc machines to get missing software patches", - "displayName": "Assess Azure Arc machines to get missing software patches", - "name": "Microsoft.HybridCompute/machines/assessPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs patches on any Azure Arc machines", - "displayName": "Install patches on Azure Arc machines", - "name": "Microsoft.HybridCompute/machines/installPatches/action", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc extensions", - "displayName": "Read Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc extensions", - "displayName": "Install or Update an Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc extensions", - "displayName": "Delete Azure Arc extensions", - "name": "Microsoft.HybridCompute/machines/extensions/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Operations for Azure Arc for Servers", - "displayName": "Read all Operations", - "name": "Microsoft.HybridCompute/operations/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationresults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an operation on Microsoft.HybridCompute Resource Provider", - "displayName": "Read Operation Results", - "name": "Microsoft.HybridCompute/locations/operationstatus/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults", - "displayName": "Read Azure Arc patchAssessmentResults", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchAssessmentResults/softwarePatches", - "displayName": "Read Azure Arc patchAssessmentResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults", - "displayName": "Read Azure Arc patchInstallationResults", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc patchInstallationResults/softwarePatches", - "displayName": "Read Azure Arc patchInstallationResults/softwarePatches", - "name": "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads the status of an update center operation on machines", - "displayName": "Read Update Center Operation Results", - "name": "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read any Azure Arc machines's Hybrid Identity Metadata", - "displayName": "Read Azure Arc machines's Hybrid Identity Metadata", - "name": "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read all Azure Connected Machine Agent versions available", - "displayName": "Read all Azure Connected Machine Agent versions available", - "name": "Microsoft.HybridCompute/osType/agentVersions/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Read the latest Azure Connected Machine Agent version", - "displayName": "Read the latest Azure Connected Machine Agent version", - "name": "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc runcommands", - "displayName": "Read Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc runcommands", - "displayName": "Install or Update an Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc runcommands", - "displayName": "Delete Azure Arc runcommands", - "name": "Microsoft.HybridCompute/machines/runcommands/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc licenseProfiles", - "displayName": "Read Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc licenseProfiles", - "displayName": "Install or Update an Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc licenseProfiles", - "displayName": "Delete Azure Arc licenseProfiles", - "name": "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Reads any Azure Arc licenses", - "displayName": "Read Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/read", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Installs or Updates an Azure Arc licenses", - "displayName": "Install or Update an Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/write", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Deletes an Azure Arc licenses", - "displayName": "Delete Azure Arc licenses", - "name": "Microsoft.HybridCompute/licenses/delete", - "providerDisplayName": "Microsoft HybridCompute", - "providerName": "Microsoft.HybridCompute" - }, - { - "description": "Gets an Custom Location resource", - "displayName": "Get Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/read", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Deploy permissions to a Custom Location resource", - "displayName": "Deploy permissions to Custom Location", - "name": "Microsoft.ExtendedLocation/customLocations/deploy/action", - "providerDisplayName": "Microsoft.ExtendedLocation", - "providerName": "Microsoft.ExtendedLocation" - }, - { - "description": "Gets extension instance resource.", - "displayName": "Microsoft.KubernetesConfiguration/extensions/read", - "name": "Microsoft.KubernetesConfiguration/extensions/read", - "providerDisplayName": "Microsoft Kubernetes Configuration", - "providerName": "Microsoft.KubernetesConfiguration" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.AzureStackHCI/VirtualMachines/*", - "Microsoft.AzureStackHCI/virtualMachineInstances/*", - "Microsoft.AzureStackHCI/NetworkInterfaces/*", - "Microsoft.AzureStackHCI/VirtualHardDisks/*", - "Microsoft.AzureStackHCI/VirtualNetworks/Read", - "Microsoft.AzureStackHCI/VirtualNetworks/join/action", - "Microsoft.AzureStackHCI/LogicalNetworks/Read", - "Microsoft.AzureStackHCI/LogicalNetworks/join/action", - "Microsoft.AzureStackHCI/GalleryImages/Read", - "Microsoft.AzureStackHCI/GalleryImages/deploy/action", - "Microsoft.AzureStackHCI/StorageContainers/Read", - "Microsoft.AzureStackHCI/StorageContainers/deploy/action", - "Microsoft.AzureStackHCI/MarketplaceGalleryImages/Read", - "Microsoft.AzureStackHCI/MarketPlaceGalleryImages/deploy/action", - "Microsoft.AzureStackHCI/Clusters/Read", - "Microsoft.AzureStackHCI/Clusters/ArcSettings/Read", - "Microsoft.AzureStackHCI/NetworkSecurityGroups/Read", - "Microsoft.AzureStackHCI/NetworkSecurityGroups/SecurityRules/Read", - "Microsoft.Insights/AlertRules/Write", - "Microsoft.Insights/AlertRules/Delete", - "Microsoft.Insights/AlertRules/Read", - "Microsoft.Insights/AlertRules/Activated/Action", - "Microsoft.Insights/AlertRules/Resolved/Action", - "Microsoft.Insights/AlertRules/Throttled/Action", - "Microsoft.Insights/AlertRules/Incidents/Read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", - "Microsoft.Resources/deployments/delete", - "Microsoft.Resources/deployments/cancel/action", - "Microsoft.Resources/deployments/validate/action", - "Microsoft.Resources/deployments/whatIf/action", - "Microsoft.Resources/deployments/exportTemplate/action", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/deployments/operationstatuses/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Authorization/*/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.HybridCompute/machines/read", - "Microsoft.HybridCompute/machines/write", - "Microsoft.HybridCompute/machines/delete", - "Microsoft.HybridCompute/machines/UpgradeExtensions/action", - "Microsoft.HybridCompute/machines/assessPatches/action", - "Microsoft.HybridCompute/machines/installPatches/action", - "Microsoft.HybridCompute/machines/extensions/read", - "Microsoft.HybridCompute/machines/extensions/write", - "Microsoft.HybridCompute/machines/extensions/delete", - "Microsoft.HybridCompute/operations/read", - "Microsoft.HybridCompute/locations/operationresults/read", - "Microsoft.HybridCompute/locations/operationstatus/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/read", - "Microsoft.HybridCompute/machines/patchAssessmentResults/softwarePatches/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/read", - "Microsoft.HybridCompute/machines/patchInstallationResults/softwarePatches/read", - "Microsoft.HybridCompute/locations/updateCenterOperationResults/read", - "Microsoft.HybridCompute/machines/hybridIdentityMetadata/read", - "Microsoft.HybridCompute/osType/agentVersions/read", - "Microsoft.HybridCompute/osType/agentVersions/latest/read", - "Microsoft.HybridCompute/machines/runcommands/read", - "Microsoft.HybridCompute/machines/runcommands/write", - "Microsoft.HybridCompute/machines/runcommands/delete", - "Microsoft.HybridCompute/machines/licenseProfiles/read", - "Microsoft.HybridCompute/machines/licenseProfiles/write", - "Microsoft.HybridCompute/machines/licenseProfiles/delete", - "Microsoft.HybridCompute/licenses/read", - "Microsoft.HybridCompute/licenses/write", - "Microsoft.HybridCompute/licenses/delete", - "Microsoft.ExtendedLocation/customLocations/Read", - "Microsoft.ExtendedLocation/customLocations/deploy/action", - "Microsoft.KubernetesConfiguration/extensions/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Provides read access to environment resources.", "hasExternal": false, @@ -1160885,10 +1163545,10 @@ ] }, { - "description": "Allows receive access to event grid events.", + "description": "Allows send and receive access to event grid events.", "hasExternal": false, "hasUnknown": false, - "name": "EventGrid Data Receiver", + "name": "EventGrid Data Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1161114,6 +1163774,27 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Read a topic", + "displayName": "Read Topic", + "name": "Microsoft.EventGrid/topics/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" + }, + { + "description": "Read a domain", + "displayName": "Read Domain", + "name": "Microsoft.EventGrid/domains/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" + }, + { + "description": "Read a partner namespace", + "displayName": "Read PartnerNamespace", + "name": "Microsoft.EventGrid/partnerNamespaces/read", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" + }, { "description": "Read a namespace", "displayName": "Read Namespace", @@ -1161123,6 +1163804,13 @@ } ], "permittedDataActions": [ + { + "description": "Send events to topics", + "displayName": "Send events", + "name": "Microsoft.EventGrid/events/send/action", + "providerDisplayName": "Microsoft Event Grid", + "providerName": "Microsoft.EventGrid" + }, { "description": "Receive events from namespace topics", "displayName": "Receive events", @@ -1161140,11 +1163828,15 @@ "Microsoft.EventGrid/locations/eventSubscriptions/read", "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.EventGrid/topics/read", + "Microsoft.EventGrid/domains/read", + "Microsoft.EventGrid/partnerNamespaces/read", "Microsoft.EventGrid/namespaces/read" ], "condition": null, "conditionVersion": null, "dataActions": [ + "Microsoft.EventGrid/events/send/action", "Microsoft.EventGrid/events/receive/action" ], "notActions": [], @@ -1161153,10 +1163845,10 @@ ] }, { - "description": "Allows send and receive access to event grid events.", + "description": "Allows receive access to event grid events.", "hasExternal": false, "hasUnknown": false, - "name": "EventGrid Data Contributor", + "name": "EventGrid Data Receiver", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1161382,27 +1164074,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Read a topic", - "displayName": "Read Topic", - "name": "Microsoft.EventGrid/topics/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" - }, - { - "description": "Read a domain", - "displayName": "Read Domain", - "name": "Microsoft.EventGrid/domains/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" - }, - { - "description": "Read a partner namespace", - "displayName": "Read PartnerNamespace", - "name": "Microsoft.EventGrid/partnerNamespaces/read", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" - }, { "description": "Read a namespace", "displayName": "Read Namespace", @@ -1161412,13 +1164083,6 @@ } ], "permittedDataActions": [ - { - "description": "Send events to topics", - "displayName": "Send events", - "name": "Microsoft.EventGrid/events/send/action", - "providerDisplayName": "Microsoft Event Grid", - "providerName": "Microsoft.EventGrid" - }, { "description": "Receive events from namespace topics", "displayName": "Receive events", @@ -1161436,15 +1164100,11 @@ "Microsoft.EventGrid/locations/eventSubscriptions/read", "Microsoft.EventGrid/locations/topicTypes/eventSubscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.EventGrid/topics/read", - "Microsoft.EventGrid/domains/read", - "Microsoft.EventGrid/partnerNamespaces/read", "Microsoft.EventGrid/namespaces/read" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.EventGrid/events/send/action", "Microsoft.EventGrid/events/receive/action" ], "notActions": [], @@ -1161453,46 +1164113,11 @@ ] }, { - "description": "View reviews for a workload and triage recommendations linked to them.", + "description": "Can perform all actions required to create a resource deployment within a resource group.", "hasExternal": false, "hasUnknown": false, - "name": "Advisor Reviews Contributor", + "name": "Azure AI Inference Deployment Operator", "permittedActions": [ - { - "description": "Read resiliencyReviews", - "displayName": "Reads resiliencyReviews", - "name": "Microsoft.Advisor/resiliencyReviews/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Read triageRecommendations", - "displayName": "Reads triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Approve triageRecommendations", - "displayName": "Approves triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/approve/action", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Reject triageRecommendations", - "displayName": "Rejects triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/reject/action", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Reset triageRecommendations", - "displayName": "Resets triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/reset/action", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1161682,55 +1164307,6 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, { "description": "Gets or lists deployments.", "displayName": "Get Deployment", @@ -1161795,62 +1164371,20 @@ "providerName": "Microsoft.Resources" }, { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Create or update an autoscale setting", + "displayName": "Create or update autoscale setting", + "name": "Microsoft.Insights/AutoscaleSettings/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read", - "Microsoft.Advisor/triageRecommendations/approve/action", - "Microsoft.Advisor/triageRecommendations/reject/action", - "Microsoft.Advisor/triageRecommendations/reset/action", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "View reviews for a workload and recommendations linked to them.", - "hasExternal": false, - "hasUnknown": false, - "name": "Advisor Reviews Reader", - "permittedActions": [ - { - "description": "Read resiliencyReviews", - "displayName": "Reads resiliencyReviews", - "name": "Microsoft.Advisor/resiliencyReviews/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - }, - { - "description": "Read triageRecommendations", - "displayName": "Reads triageRecommendations", - "name": "Microsoft.Advisor/triageRecommendations/read", - "providerDisplayName": "Microsoft Advisor", - "providerName": "Microsoft.Advisor" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Advisor/resiliencyReviews/read", - "Microsoft.Advisor/triageRecommendations/read" + "Microsoft.Insights/AutoscaleSettings/write" ], "condition": null, "conditionVersion": null, @@ -1161861,10 +1164395,10 @@ ] }, { - "description": "Can perform all actions required to create a resource deployment within a resource group.", + "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", "hasExternal": false, "hasUnknown": false, - "name": "Azure AI Inference Deployment Operator", + "name": "Connected Cluster Managed Identity CheckAccess Reader", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1162054,85 +1164588,49 @@ "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, + } + ], + "permittedDataActions": [], + "rawPermissions": [ { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, + "actions": [ + "Microsoft.Authorization/*/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "View reviews for a workload and recommendations linked to them.", + "hasExternal": false, + "hasUnknown": false, + "name": "Advisor Reviews Reader", + "permittedActions": [ { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "Read resiliencyReviews", + "displayName": "Reads resiliencyReviews", + "name": "Microsoft.Advisor/resiliencyReviews/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" }, { - "description": "Create or update an autoscale setting", - "displayName": "Create or update autoscale setting", - "name": "Microsoft.Insights/AutoscaleSettings/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Read triageRecommendations", + "displayName": "Reads triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Resources/deployments/*", - "Microsoft.Insights/AutoscaleSettings/write" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read" ], "condition": null, "conditionVersion": null, @@ -1162143,11 +1164641,46 @@ ] }, { - "description": "Built-in role that allows a Connected Cluster managed identity to call the checkAccess API", + "description": "View reviews for a workload and triage recommendations linked to them.", "hasExternal": false, "hasUnknown": false, - "name": "Connected Cluster Managed Identity CheckAccess Reader", + "name": "Advisor Reviews Contributor", "permittedActions": [ + { + "description": "Read resiliencyReviews", + "displayName": "Reads resiliencyReviews", + "name": "Microsoft.Advisor/resiliencyReviews/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Read triageRecommendations", + "displayName": "Reads triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/read", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Approve triageRecommendations", + "displayName": "Approves triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/approve/action", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Reject triageRecommendations", + "displayName": "Rejects triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/reject/action", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, + { + "description": "Reset triageRecommendations", + "displayName": "Resets triageRecommendations", + "name": "Microsoft.Advisor/triageRecommendations/reset/action", + "providerDisplayName": "Microsoft Advisor", + "providerName": "Microsoft.Advisor" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1162336,13 +1164869,140 @@ "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Authorization/*/read" + "Microsoft.Advisor/resiliencyReviews/read", + "Microsoft.Advisor/triageRecommendations/read", + "Microsoft.Advisor/triageRecommendations/approve/action", + "Microsoft.Advisor/triageRecommendations/reject/action", + "Microsoft.Advisor/triageRecommendations/reset/action", + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -1164618,10 +1167278,10 @@ ] }, { - "description": "List cluster user credential action.", + "description": "List cluster admin credential action.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Kubernetes Service Hybrid Cluster User Role", + "name": "Azure Kubernetes Service Hybrid Cluster Admin Role", "permittedActions": [ { "description": "Gets the Hybrid AKS provisioned cluster instance", @@ -1164631,9 +1167291,9 @@ "providerName": "Microsoft.HybridContainerService" }, { - "description": "Lists the AAD user credentials of a provisioned cluster instance used only in direct mode.", - "displayName": "provisionedClusterInstances_ListUserKubeconfig", - "name": "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", + "description": "Lists the admin credentials of a provisioned cluster instance used only in direct mode.", + "displayName": "provisionedClusterInstances_ListAdminKubeconfig", + "name": "Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action", "providerDisplayName": "Microsoft.HybridContainerService", "providerName": "Microsoft.HybridContainerService" }, @@ -1164650,7 +1167310,7 @@ { "actions": [ "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", + "Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action", "Microsoft.Kubernetes/connectedClusters/Read" ], "condition": null, @@ -1164662,10 +1167322,10 @@ ] }, { - "description": "List cluster admin credential action.", + "description": "List cluster user credential action.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Kubernetes Service Hybrid Cluster Admin Role", + "name": "Azure Kubernetes Service Hybrid Cluster User Role", "permittedActions": [ { "description": "Gets the Hybrid AKS provisioned cluster instance", @@ -1164675,9 +1167335,9 @@ "providerName": "Microsoft.HybridContainerService" }, { - "description": "Lists the admin credentials of a provisioned cluster instance used only in direct mode.", - "displayName": "provisionedClusterInstances_ListAdminKubeconfig", - "name": "Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action", + "description": "Lists the AAD user credentials of a provisioned cluster instance used only in direct mode.", + "displayName": "provisionedClusterInstances_ListUserKubeconfig", + "name": "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", "providerDisplayName": "Microsoft.HybridContainerService", "providerName": "Microsoft.HybridContainerService" }, @@ -1164694,7 +1167354,7 @@ { "actions": [ "Microsoft.HybridContainerService/provisionedClusterInstances/read", - "Microsoft.HybridContainerService/provisionedClusterInstances/listAdminKubeconfig/action", + "Microsoft.HybridContainerService/provisionedClusterInstances/listUserKubeconfig/action", "Microsoft.Kubernetes/connectedClusters/Read" ], "condition": null, @@ -1165442,25 +1168102,11 @@ ] }, { - "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", "hasExternal": false, "hasUnknown": true, - "name": "Enclave Contributor Role", + "name": "Community Reader Role", "permittedActions": [ - { - "description": "Register the subscription for Microsoft.Mission", - "displayName": "Register the Microsoft.Mission", - "name": "Microsoft.Mission/register/action", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, - { - "description": "Unregister the subscription for Microsoft.Mission", - "displayName": "Unregister the Microsoft.Mission", - "name": "Microsoft.Mission/unregister/action", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "read OperationStatuses", "displayName": "read_OperationStatuses", @@ -1165468,13 +1168114,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "write OperationStatuses", - "displayName": "write_OperationStatuses", - "name": "Microsoft.Mission/Locations/OperationStatuses/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "read Operations", "displayName": "read_Operations", @@ -1165511,9 +1168150,16 @@ "providerName": "Microsoft.Mission" }, { - "description": "Create a InternalConnection", - "displayName": "InternalConnections_CreateOrUpdate", - "name": "Microsoft.Mission/internalConnections/write", + "description": "List ExternalConnection resources by subscription ID", + "displayName": "ExternalConnections_ListBySubscription", + "name": "Microsoft.Mission/externalConnections/read", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, + { + "description": "Get a ExternalConnection", + "displayName": "ExternalConnections_Get", + "name": "Microsoft.Mission/externalConnections/read", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, @@ -1165531,13 +1168177,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EnclaveResource", - "displayName": "VirtualEnclave_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List EndpointResource resources by subscription ID", "displayName": "Endpoint_ListBySubscription", @@ -1165552,13 +1168191,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EndpointResource", - "displayName": "Endpoint_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/endpoints/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List WorkloadResource resources by subscription ID", "displayName": "Workload_ListBySubscription", @@ -1165573,13 +1168205,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a WorkloadResource", - "displayName": "Workload_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/workloads/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1165769,6 +1168394,20 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, { "description": "Read a classic metric alert", "displayName": "Read classic metric alert", @@ -1165776,6 +1168415,34 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, { "description": "Gets or lists deployments.", "displayName": "Get Deployment", @@ -1165790,6 +1168457,55 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets the list of subscriptions.", "displayName": "Get Subscriptions", @@ -1165881,13 +1168597,6 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, - { - "description": "Create a EnclaveConnectionResource", - "displayName": "EnclaveConnection_CreateOrUpdate", - "name": "Microsoft.Mission/enclaveConnections/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, { "description": "List EnclaveEndpointResource resources by subscription ID", "displayName": "EnclaveEndpoints_ListBySubscription", @@ -1165901,39 +1168610,24 @@ "name": "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" - }, - { - "description": "Create a EnclaveEndpointResource", - "displayName": "EnclaveEndpoints_CreateOrUpdate", - "name": "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Mission/register/action", - "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", - "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", - "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/internalConnections/write", + "Microsoft.Mission/externalConnections/read", "Microsoft.Mission/virtualEnclaves/read", - "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", - "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", - "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/read", - "Microsoft.Resources/deployments/read", - "Microsoft.Resources/deployments/write", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -1165944,9 +1168638,7 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", - "Microsoft.Mission/enclaveConnections/write", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write" + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read" ], "condition": null, "conditionVersion": null, @@ -1165957,11 +1168649,25 @@ ] }, { - "description": "Community Reader Role to access the resources of Microsoft.Mission stored with RPSAAS.", + "description": "Enclave Contributor Role to access the resources of Microsoft.Mission stored with RPSAAS.", "hasExternal": false, "hasUnknown": true, - "name": "Community Reader Role", + "name": "Enclave Contributor Role", "permittedActions": [ + { + "description": "Register the subscription for Microsoft.Mission", + "displayName": "Register the Microsoft.Mission", + "name": "Microsoft.Mission/register/action", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, + { + "description": "Unregister the subscription for Microsoft.Mission", + "displayName": "Unregister the Microsoft.Mission", + "name": "Microsoft.Mission/unregister/action", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "read OperationStatuses", "displayName": "read_OperationStatuses", @@ -1165969,6 +1168675,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "write OperationStatuses", + "displayName": "write_OperationStatuses", + "name": "Microsoft.Mission/Locations/OperationStatuses/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "read Operations", "displayName": "read_Operations", @@ -1166005,16 +1168718,9 @@ "providerName": "Microsoft.Mission" }, { - "description": "List ExternalConnection resources by subscription ID", - "displayName": "ExternalConnections_ListBySubscription", - "name": "Microsoft.Mission/externalConnections/read", - "providerDisplayName": "Microsoft.Mission", - "providerName": "Microsoft.Mission" - }, - { - "description": "Get a ExternalConnection", - "displayName": "ExternalConnections_Get", - "name": "Microsoft.Mission/externalConnections/read", + "description": "Create a InternalConnection", + "displayName": "InternalConnections_CreateOrUpdate", + "name": "Microsoft.Mission/internalConnections/write", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, @@ -1166032,6 +1168738,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EnclaveResource", + "displayName": "VirtualEnclave_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List EndpointResource resources by subscription ID", "displayName": "Endpoint_ListBySubscription", @@ -1166046,6 +1168759,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EndpointResource", + "displayName": "Endpoint_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/endpoints/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List WorkloadResource resources by subscription ID", "displayName": "Workload_ListBySubscription", @@ -1166060,6 +1168780,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a WorkloadResource", + "displayName": "Workload_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/workloads/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1166249,20 +1168976,6 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, { "description": "Read a classic metric alert", "displayName": "Read classic metric alert", @@ -1166270,34 +1168983,6 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, { "description": "Gets or lists deployments.", "displayName": "Get Deployment", @@ -1166312,55 +1168997,6 @@ "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets the list of subscriptions.", "displayName": "Get Subscriptions", @@ -1166452,6 +1169088,13 @@ "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" }, + { + "description": "Create a EnclaveConnectionResource", + "displayName": "EnclaveConnection_CreateOrUpdate", + "name": "Microsoft.Mission/enclaveConnections/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" + }, { "description": "List EnclaveEndpointResource resources by subscription ID", "displayName": "EnclaveEndpoints_ListBySubscription", @@ -1166465,24 +1169108,39 @@ "name": "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", "providerDisplayName": "Microsoft.Mission", "providerName": "Microsoft.Mission" + }, + { + "description": "Create a EnclaveEndpointResource", + "displayName": "EnclaveEndpoints_CreateOrUpdate", + "name": "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write", + "providerDisplayName": "Microsoft.Mission", + "providerName": "Microsoft.Mission" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.Mission/register/action", + "Microsoft.Mission/unregister/action", "Microsoft.Mission/Locations/OperationStatuses/read", + "Microsoft.Mission/Locations/OperationStatuses/write", "Microsoft.Mission/Operations/read", "Microsoft.Mission/catalogs/read", + "Microsoft.Mission/catalogs/write", "Microsoft.Mission/communities/read", "Microsoft.Mission/internalConnections/read", - "Microsoft.Mission/externalConnections/read", + "Microsoft.Mission/internalConnections/write", "Microsoft.Mission/virtualEnclaves/read", + "Microsoft.Mission/virtualEnclaves/write", "Microsoft.Mission/virtualEnclaves/endpoints/read", + "Microsoft.Mission/virtualEnclaves/endpoints/write", "Microsoft.Mission/virtualEnclaves/workloads/read", + "Microsoft.Mission/virtualEnclaves/workloads/write", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", + "Microsoft.Insights/alertRules/read", + "Microsoft.Resources/deployments/read", + "Microsoft.Resources/deployments/write", "Microsoft.Resources/subscriptions/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", @@ -1166493,43 +1169151,9 @@ "Microsoft.Mission/communities/communityEndpoints/read", "Microsoft.Mission/communities/transitHubs/read", "Microsoft.Mission/enclaveConnections/read", - "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Allows management of Encryption Scopes on a Storage Account", - "hasExternal": false, - "hasUnknown": false, - "name": "Storage Account Encryption Scope Contributor Role", - "permittedActions": [ - { - "description": null, - "displayName": null, - "name": "Microsoft.Storage/storageAccounts/encryptionScopes/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": null, - "displayName": null, - "name": "Microsoft.Storage/storageAccounts/encryptionScopes/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Storage/storageAccounts/encryptionScopes/read", - "Microsoft.Storage/storageAccounts/encryptionScopes/write" + "Microsoft.Mission/enclaveConnections/write", + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/read", + "Microsoft.Mission/virtualEnclaves/enclaveEndpoints/write" ], "condition": null, "conditionVersion": null, @@ -1166577,6 +1169201,42 @@ } ] }, + { + "description": "Allows management of Encryption Scopes on a Storage Account", + "hasExternal": false, + "hasUnknown": false, + "name": "Storage Account Encryption Scope Contributor Role", + "permittedActions": [ + { + "description": null, + "displayName": null, + "name": "Microsoft.Storage/storageAccounts/encryptionScopes/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": null, + "displayName": null, + "name": "Microsoft.Storage/storageAccounts/encryptionScopes/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Storage/storageAccounts/encryptionScopes/read", + "Microsoft.Storage/storageAccounts/encryptionScopes/write" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Release keys. Only works for key vaults that use the 'Azure role-based access control' permission model.", "hasExternal": false, @@ -1167347,27 +1170007,45 @@ ] }, { - "description": "Read real-time logs for all managed components in Azure Spring Apps", + "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", "hasExternal": false, "hasUnknown": false, - "name": "Azure Spring Apps Managed Components Log Reader Role", - "permittedActions": [], + "name": "Azure Spring Apps Spring Cloud Gateway Log Reader Role", + "permittedActions": [ + { + "description": "Get Azure Spring Apps service instance(s)", + "displayName": "Get the details of an Azure Spring Apps service instance", + "name": "Microsoft.AppPlatform/Spring/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + }, + { + "description": "Get the Spring Cloud Gateways for a specific Azure Spring Apps service instance", + "displayName": "Get Microsoft Azure Spring Apps Spring Cloud Gateway", + "name": "Microsoft.AppPlatform/Spring/gateways/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + } + ], "permittedDataActions": [ { - "description": "Read the streaming log of all managed components (e.g. Application Configuration Service, Spring Cloud Gateway) from a specific Azure Spring Apps service instance", - "displayName": "Get the streaming log of all managed components from Microsoft Azure Spring Apps", - "name": "Microsoft.AppPlatform/Spring/managedComponents/logstream/action", + "description": "Read the streaming log of Spring Cloud Gateway from a specific Azure Spring Apps service instance", + "displayName": "Get the streaming log of Spring Cloud Gateway from Microsoft Azure Spring Apps", + "name": "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action", "providerDisplayName": "Microsoft Azure Spring Apps", "providerName": "Microsoft.AppPlatform" } ], "rawPermissions": [ { - "actions": [], + "actions": [ + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/gateways/read" + ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/managedComponents/logstream/action" + "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action" ], "notActions": [], "notDataActions": [] @@ -1167375,45 +1170053,27 @@ ] }, { - "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", + "description": "Read real-time logs for all managed components in Azure Spring Apps", "hasExternal": false, "hasUnknown": false, - "name": "Azure Spring Apps Application Configuration Service Log Reader Role", - "permittedActions": [ - { - "description": "Get Azure Spring Apps service instance(s)", - "displayName": "Get the details of an Azure Spring Apps service instance", - "name": "Microsoft.AppPlatform/Spring/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - }, - { - "description": "Get the Application Configuration Services for a specific Azure Spring Apps service instance", - "displayName": "Get Microsoft Azure Spring Apps Application Configuration Service", - "name": "Microsoft.AppPlatform/Spring/configurationServices/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - } - ], + "name": "Azure Spring Apps Managed Components Log Reader Role", + "permittedActions": [], "permittedDataActions": [ { - "description": "Read the streaming log of all subcomponents in Application Configuration Service from a specific Azure Spring Apps service instance", - "displayName": "Get the streaming log of Application Configuration Service from Microsoft Azure Spring Apps", - "name": "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action", + "description": "Read the streaming log of all managed components (e.g. Application Configuration Service, Spring Cloud Gateway) from a specific Azure Spring Apps service instance", + "displayName": "Get the streaming log of all managed components from Microsoft Azure Spring Apps", + "name": "Microsoft.AppPlatform/Spring/managedComponents/logstream/action", "providerDisplayName": "Microsoft Azure Spring Apps", "providerName": "Microsoft.AppPlatform" } ], "rawPermissions": [ { - "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/configurationServices/read" - ], + "actions": [], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" + "Microsoft.AppPlatform/Spring/managedComponents/logstream/action" ], "notActions": [], "notDataActions": [] @@ -1167421,10 +1170081,10 @@ ] }, { - "description": "Read real-time logs for Spring Cloud Gateway in Azure Spring Apps", + "description": "Read real-time logs for Application Configuration Service in Azure Spring Apps", "hasExternal": false, "hasUnknown": false, - "name": "Azure Spring Apps Spring Cloud Gateway Log Reader Role", + "name": "Azure Spring Apps Application Configuration Service Log Reader Role", "permittedActions": [ { "description": "Get Azure Spring Apps service instance(s)", @@ -1167434,18 +1170094,18 @@ "providerName": "Microsoft.AppPlatform" }, { - "description": "Get the Spring Cloud Gateways for a specific Azure Spring Apps service instance", - "displayName": "Get Microsoft Azure Spring Apps Spring Cloud Gateway", - "name": "Microsoft.AppPlatform/Spring/gateways/read", + "description": "Get the Application Configuration Services for a specific Azure Spring Apps service instance", + "displayName": "Get Microsoft Azure Spring Apps Application Configuration Service", + "name": "Microsoft.AppPlatform/Spring/configurationServices/read", "providerDisplayName": "Microsoft Azure Spring Apps", "providerName": "Microsoft.AppPlatform" } ], "permittedDataActions": [ { - "description": "Read the streaming log of Spring Cloud Gateway from a specific Azure Spring Apps service instance", - "displayName": "Get the streaming log of Spring Cloud Gateway from Microsoft Azure Spring Apps", - "name": "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action", + "description": "Read the streaming log of all subcomponents in Application Configuration Service from a specific Azure Spring Apps service instance", + "displayName": "Get the streaming log of Application Configuration Service from Microsoft Azure Spring Apps", + "name": "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action", "providerDisplayName": "Microsoft Azure Spring Apps", "providerName": "Microsoft.AppPlatform" } @@ -1167454,12 +1170114,12 @@ { "actions": [ "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/gateways/read" + "Microsoft.AppPlatform/Spring/configurationServices/read" ], "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.AppPlatform/Spring/SpringCloudGateway/logstream/action" + "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/logstream/action" ], "notActions": [], "notDataActions": [] @@ -1168046,130 +1170706,6 @@ } ] }, - { - "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Red Hat OpenShift Cloud Controller Manager Role", - "permittedActions": [ - { - "description": "Get the properties of a virtual machine", - "displayName": "Get Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Gets a load balancer definition", - "displayName": "Get Load Balancer", - "name": "Microsoft.Network/loadBalancers/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a load balancer or updates an existing load balancer", - "displayName": "Create or Update Load Balancer", - "name": "Microsoft.Network/loadBalancers/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a network interface definition. ", - "displayName": "Get Network Interface", - "name": "Microsoft.Network/networkInterfaces/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a network security group definition", - "displayName": "Get Network Security Group", - "name": "Microsoft.Network/networkSecurityGroups/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a network security group or updates an existing network security group", - "displayName": "Create or Update Network Security Group", - "name": "Microsoft.Network/networkSecurityGroups/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a public ip address. Not Alertable.", - "displayName": "Join Public Ip Address.", - "name": "Microsoft.Network/publicIPAddresses/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a public ip address definition.", - "displayName": "Get Public Ip Address", - "name": "Microsoft.Network/publicIPAddresses/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a public Ip address or updates an existing public Ip address. ", - "displayName": "Create or Update Public Ip Address", - "name": "Microsoft.Network/publicIPAddresses/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a virtual network. Not Alertable.", - "displayName": "Join Virtual Network.", - "name": "Microsoft.Network/virtualNetworks/subnets/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Joins a load balancer backend address pool. Not Alertable.", - "displayName": "Join Load Balancer Backend Address Pool.", - "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a network interface or updates an existing network interface. ", - "displayName": "Create or Update Network Interface", - "name": "Microsoft.Network/networkInterfaces/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Compute/virtualMachines/read", - "Microsoft.Network/loadBalancers/read", - "Microsoft.Network/loadBalancers/write", - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkSecurityGroups/read", - "Microsoft.Network/networkSecurityGroups/write", - "Microsoft.Network/publicIPAddresses/join/action", - "Microsoft.Network/publicIPAddresses/read", - "Microsoft.Network/publicIPAddresses/write", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Network/networkInterfaces/write" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use various storage backends.", "hasExternal": false, @@ -1168303,64 +1170839,180 @@ ] }, { - "description": "Enables permissions to install and upgrade the networking components on an OpenShift cluster.", + "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Red Hat OpenShift Network Operator Role", + "name": "Azure Red Hat OpenShift Service Operator Role", "permittedActions": [ { - "description": "Gets a network interface definition. ", - "displayName": "Get Network Interface", - "name": "Microsoft.Network/networkInterfaces/read", + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a network interface or updates an existing network interface. ", - "displayName": "Create or Update Network Interface", - "name": "Microsoft.Network/networkInterfaces/write", + "description": "Creates a virtual network subnet or updates an existing virtual network subnet", + "displayName": "Create or Update Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Get the virtual network definition", - "displayName": "Get Virtual Network", - "name": "Microsoft.Network/virtualNetworks/read", + "description": "Joins a NAT Gateway", + "displayName": "Join NAT Gateway", + "name": "Microsoft.Network/natGateways/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a virtual network. Not Alertable.", - "displayName": "Join Virtual Network.", - "name": "Microsoft.Network/virtualNetworks/subnets/join/action", + "description": "Joins a route table. Not Alertable.", + "displayName": "Join Route Table.", + "name": "Microsoft.Network/routeTables/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a load balancer backend address pool. Not Alertable.", - "displayName": "Join Load Balancer Backend Address Pool.", - "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "description": "Joins a network security group. Not Alertable.", + "displayName": "Join Network Security Group.", + "name": "Microsoft.Network/networkSecurityGroups/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Get the properties of a virtual machine", - "displayName": "Get Virtual Machine", - "name": "Microsoft.Compute/virtualMachines/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" + "description": "Returns the access keys for the specified storage account.", + "displayName": "List Storage Account Keys", + "name": "Microsoft.Storage/storageAccounts/listkeys/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", + "displayName": "List/Get Storage Account(s)", + "name": "Microsoft.Storage/storageAccounts/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Network/networkInterfaces/read", - "Microsoft.Network/networkInterfaces/write", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/join/action", - "Microsoft.Network/loadBalancers/backendAddressPools/join/action", - "Microsoft.Compute/virtualMachines/read" + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/natGateways/join/action", + "Microsoft.Network/routeTables/join/action", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use Azure Files.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Red Hat OpenShift Azure Files Storage Operator Role", + "permittedActions": [ + { + "description": "Deletes an existing storage account.", + "displayName": "Delete Storage Account", + "name": "Microsoft.Storage/storageAccounts/delete", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "List file services", + "displayName": "List File Services", + "name": "Microsoft.Storage/storageAccounts/fileServices/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Delete file share", + "displayName": "Delete File Share", + "name": "Microsoft.Storage/storageAccounts/fileServices/shares/delete", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Get file share", + "displayName": "Get File Share", + "name": "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Create or update file share", + "displayName": "Put File Share", + "name": "Microsoft.Storage/storageAccounts/fileServices/shares/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the access keys for the specified storage account.", + "displayName": "List Storage Account Keys", + "name": "Microsoft.Storage/storageAccounts/listkeys/action", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", + "displayName": "List/Get Storage Account(s)", + "name": "Microsoft.Storage/storageAccounts/read", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", + "displayName": "Create/Update Storage Account", + "name": "Microsoft.Storage/storageAccounts/write", + "providerDisplayName": "Microsoft Storage", + "providerName": "Microsoft.Storage" + }, + { + "description": "Joins a network security group. Not Alertable.", + "displayName": "Join Network Security Group.", + "name": "Microsoft.Network/networkSecurityGroups/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a virtual network subnet or updates an existing virtual network subnet", + "displayName": "Create or Update Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Storage/storageAccounts/delete", + "Microsoft.Storage/storageAccounts/fileServices/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/delete", + "Microsoft.Storage/storageAccounts/fileServices/shares/read", + "Microsoft.Storage/storageAccounts/fileServices/shares/write", + "Microsoft.Storage/storageAccounts/listKeys/action", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write" ], "condition": null, "conditionVersion": null, @@ -1168505,104 +1171157,64 @@ ] }, { - "description": "Enables permissions to set OpenShift cluster-wide storage defaults. It ensures a default storageclass exists for clusters. It also installs Container Storage Interface (CSI) drivers which enable your cluster to use Azure Files.", + "description": "Enables permissions to install and upgrade the networking components on an OpenShift cluster.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Red Hat OpenShift Azure Files Storage Operator Role", + "name": "Azure Red Hat OpenShift Network Operator Role", "permittedActions": [ { - "description": "Deletes an existing storage account.", - "displayName": "Delete Storage Account", - "name": "Microsoft.Storage/storageAccounts/delete", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "List file services", - "displayName": "List File Services", - "name": "Microsoft.Storage/storageAccounts/fileServices/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Delete file share", - "displayName": "Delete File Share", - "name": "Microsoft.Storage/storageAccounts/fileServices/shares/delete", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Get file share", - "displayName": "Get File Share", - "name": "Microsoft.Storage/storageAccounts/fileServices/shares/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Create or update file share", - "displayName": "Put File Share", - "name": "Microsoft.Storage/storageAccounts/fileServices/shares/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the access keys for the specified storage account.", - "displayName": "List Storage Account Keys", - "name": "Microsoft.Storage/storageAccounts/listkeys/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" - }, - { - "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", - "displayName": "List/Get Storage Account(s)", - "name": "Microsoft.Storage/storageAccounts/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" + "description": "Gets a network interface definition. ", + "displayName": "Get Network Interface", + "name": "Microsoft.Network/networkInterfaces/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" }, { - "description": "Creates a storage account with the specified parameters or update the properties or tags or adds custom domain for the specified storage account.", - "displayName": "Create/Update Storage Account", - "name": "Microsoft.Storage/storageAccounts/write", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" + "description": "Creates a network interface or updates an existing network interface. ", + "displayName": "Create or Update Network Interface", + "name": "Microsoft.Network/networkInterfaces/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" }, { - "description": "Joins a network security group. Not Alertable.", - "displayName": "Join Network Security Group.", - "name": "Microsoft.Network/networkSecurityGroups/join/action", + "description": "Get the virtual network definition", + "displayName": "Get Virtual Network", + "name": "Microsoft.Network/virtualNetworks/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", + "description": "Joins a virtual network. Not Alertable.", + "displayName": "Join Virtual Network.", + "name": "Microsoft.Network/virtualNetworks/subnets/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a virtual network subnet or updates an existing virtual network subnet", - "displayName": "Create or Update Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/write", + "description": "Joins a load balancer backend address pool. Not Alertable.", + "displayName": "Join Load Balancer Backend Address Pool.", + "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" + }, + { + "description": "Get the properties of a virtual machine", + "displayName": "Get Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.Storage/storageAccounts/delete", - "Microsoft.Storage/storageAccounts/fileServices/read", - "Microsoft.Storage/storageAccounts/fileServices/shares/delete", - "Microsoft.Storage/storageAccounts/fileServices/shares/read", - "Microsoft.Storage/storageAccounts/fileServices/shares/write", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/read", - "Microsoft.Storage/storageAccounts/write", - "Microsoft.Network/networkSecurityGroups/join/action", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write" + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Compute/virtualMachines/read" ], "condition": null, "conditionVersion": null, @@ -1168613,72 +1171225,120 @@ ] }, { - "description": "The ARO Operator is responsible for maintaining features, checks, and resources that are specific to an Azure Red Hat OpenShift cluster's continued functionality as a managed service. This includes, but is not limited to, machine management and health, network configuration, and monitoring.", + "description": "Enables permissions for the operator to manage and update the cloud controller managers deployed on top of OpenShift.", "hasExternal": false, "hasUnknown": false, - "name": "Azure Red Hat OpenShift Service Operator Role", + "name": "Azure Red Hat OpenShift Cloud Controller Manager Role", "permittedActions": [ { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", + "description": "Get the properties of a virtual machine", + "displayName": "Get Virtual Machine", + "name": "Microsoft.Compute/virtualMachines/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Gets a load balancer definition", + "displayName": "Get Load Balancer", + "name": "Microsoft.Network/loadBalancers/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Creates a virtual network subnet or updates an existing virtual network subnet", - "displayName": "Create or Update Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/write", + "description": "Creates a load balancer or updates an existing load balancer", + "displayName": "Create or Update Load Balancer", + "name": "Microsoft.Network/loadBalancers/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a NAT Gateway", - "displayName": "Join NAT Gateway", - "name": "Microsoft.Network/natGateways/join/action", + "description": "Gets a network interface definition. ", + "displayName": "Get Network Interface", + "name": "Microsoft.Network/networkInterfaces/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a route table. Not Alertable.", - "displayName": "Join Route Table.", - "name": "Microsoft.Network/routeTables/join/action", + "description": "Gets a network security group definition", + "displayName": "Get Network Security Group", + "name": "Microsoft.Network/networkSecurityGroups/read", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Joins a network security group. Not Alertable.", - "displayName": "Join Network Security Group.", - "name": "Microsoft.Network/networkSecurityGroups/join/action", + "description": "Creates a network security group or updates an existing network security group", + "displayName": "Create or Update Network Security Group", + "name": "Microsoft.Network/networkSecurityGroups/write", "providerDisplayName": "Microsoft Network", "providerName": "Microsoft.Network" }, { - "description": "Returns the access keys for the specified storage account.", - "displayName": "List Storage Account Keys", - "name": "Microsoft.Storage/storageAccounts/listkeys/action", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" + "description": "Joins a public ip address. Not Alertable.", + "displayName": "Join Public Ip Address.", + "name": "Microsoft.Network/publicIPAddresses/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" }, { - "description": "Returns the list of storage accounts or gets the properties for the specified storage account.", - "displayName": "List/Get Storage Account(s)", - "name": "Microsoft.Storage/storageAccounts/read", - "providerDisplayName": "Microsoft Storage", - "providerName": "Microsoft.Storage" + "description": "Gets a public ip address definition.", + "displayName": "Get Public Ip Address", + "name": "Microsoft.Network/publicIPAddresses/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a public Ip address or updates an existing public Ip address. ", + "displayName": "Create or Update Public Ip Address", + "name": "Microsoft.Network/publicIPAddresses/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a virtual network. Not Alertable.", + "displayName": "Join Virtual Network.", + "name": "Microsoft.Network/virtualNetworks/subnets/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Joins a load balancer backend address pool. Not Alertable.", + "displayName": "Join Load Balancer Backend Address Pool.", + "name": "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a network interface or updates an existing network interface. ", + "displayName": "Create or Update Network Interface", + "name": "Microsoft.Network/networkInterfaces/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/write", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", - "Microsoft.Network/natGateways/join/action", - "Microsoft.Network/routeTables/join/action", - "Microsoft.Network/networkSecurityGroups/join/action", - "Microsoft.Storage/storageAccounts/listKeys/action", - "Microsoft.Storage/storageAccounts/read" + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/networkInterfaces/write" ], "condition": null, "conditionVersion": null, @@ -1171959,6 +1174619,34 @@ } ] }, + { + "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", + "hasExternal": false, + "hasUnknown": false, + "name": "Health Bot Reader", + "permittedActions": [], + "permittedDataActions": [ + { + "description": "Sign in to the management portal, with read-only access to resources, scenarios and configuration settings except for the bot instance keys & secrets and the end-user inputs.", + "displayName": "Healthbot configuration reader", + "name": "Microsoft.HealthBot/healthBots/Reader/Action", + "providerDisplayName": "Microsoft.HealthBot", + "providerName": "Microsoft.HealthBot" + } + ], + "rawPermissions": [ + { + "actions": [], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.HealthBot/healthBots/Reader/Action" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Users with editor access can sign in, view and edit all the bot resources, scenarios and configuration setting except for the bot instance keys & secrets and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs). A read-only access to the bot skills and channels.", "hasExternal": false, @@ -1171988,16 +1174676,16 @@ ] }, { - "description": "Users with reader access can sign in, have read-only access to the bot resources, scenarios and configuration setting except for the bot instance keys & secrets (including Authentication, Data Connection and Channels keys) and the end-user inputs (including Feedback, Unrecognized utterances and Conversation logs).", + "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", "hasExternal": false, "hasUnknown": false, - "name": "Health Bot Reader", + "name": "Health Bot Admin", "permittedActions": [], "permittedDataActions": [ { - "description": "Sign in to the management portal, with read-only access to resources, scenarios and configuration settings except for the bot instance keys & secrets and the end-user inputs.", - "displayName": "Healthbot configuration reader", - "name": "Microsoft.HealthBot/healthBots/Reader/Action", + "description": "Sign in to the management portal, view and edit all of the bot resources, scenarios, configuration settings, instance keys & secrets.", + "displayName": "Healthbot configuration admin", + "name": "Microsoft.HealthBot/healthBots/Admin/Action", "providerDisplayName": "Microsoft.HealthBot", "providerName": "Microsoft.HealthBot" } @@ -1172008,7 +1174696,7 @@ "condition": null, "conditionVersion": null, "dataActions": [ - "Microsoft.HealthBot/healthBots/Reader/Action" + "Microsoft.HealthBot/healthBots/Admin/Action" ], "notActions": [], "notDataActions": [] @@ -1172308,34 +1174996,6 @@ } ] }, - { - "description": "Users with admin access can sign in, view and edit all of the bot resources, scenarios and configuration setting including the bot instance keys & secrets.", - "hasExternal": false, - "hasUnknown": false, - "name": "Health Bot Admin", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "Sign in to the management portal, view and edit all of the bot resources, scenarios, configuration settings, instance keys & secrets.", - "displayName": "Healthbot configuration admin", - "name": "Microsoft.HealthBot/healthBots/Admin/Action", - "providerDisplayName": "Microsoft.HealthBot", - "providerName": "Microsoft.HealthBot" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.HealthBot/healthBots/Admin/Action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Can approve private endpoint connections to Azure AI common dependency resources", "hasExternal": false, @@ -1174427,179 +1177087,11 @@ ] }, { - "description": "Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard", + "description": "Backup MultiUser-Authorization. Can create/delete ResourceGuard ", "hasExternal": false, "hasUnknown": false, - "name": "Backup MUA Operator", + "name": "Backup MUA Admin", "permittedActions": [ - { - "description": "Registers subscription for given Resource Provider", - "displayName": "Register Resource Provider", - "name": "Microsoft.DataProtection/register/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Unregisters subscription for given Resource Provider", - "displayName": "Unregister Resource Provider", - "name": "Microsoft.DataProtection/unregister/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Checks if the requested BackupVault Name is Available", - "displayName": "Check if the requested BackupVault Name is Available", - "name": "Microsoft.DataProtection/locations/checkNameAvailability/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Check Backup Status for Recovery Services Vaults", - "displayName": "Check Backup Status for Vault", - "name": "Microsoft.DataProtection/locations/getBackupStatus/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Validates if a feature is supported", - "displayName": "Validate if a feature is supported", - "name": "Microsoft.DataProtection/locations/checkFeatureSupport/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Validates for modification of Backup Instance", - "displayName": "Validate for modification of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Performs Backup on the Backup Instance", - "displayName": "Backup Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/backup/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Sync operation retries last failed operation on backup instance to bring it to a valid state.", - "displayName": "Sync Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/sync/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Triggers restore on the Backup Instance", - "displayName": "Restore Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/restore/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Validates for Restore of the Backup Instance", - "displayName": "Validate for Restore of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Stop Protection operation stops both backup and retention schedules of backup instance. Existing data will be retained forever.", - "displayName": "Stop Protection of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/stopProtection/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Suspend Backups operation stops only backups of backup instance. Retention activities will continue and hence data will be ratained as per policy.", - "displayName": "Suspend Backups of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/suspendBackups/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Resume protection of a ProtectionStopped BI.", - "displayName": "Resume Protection of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/resumeProtection/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Resume Backups for a BackupsSuspended BI.", - "displayName": "Resume Backups of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/resumeBackups/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Finds Restorable Time Ranges", - "displayName": "Find Restorable Time Ranges", - "name": "Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Validates for backup of Backup Instance", - "displayName": "Validate for backup of Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/validateForBackup/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Get Job details", - "displayName": "Backup Job Object", - "name": "Microsoft.DataProtection/backupVaults/backupJobs/enableProgress/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", - "displayName": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", - "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Perform undelete of soft-deleted Backup Instance. Backup Instance moves from SoftDeleted to ProtectionStopped state.", - "displayName": "Perform undelete of soft-deleted Backup Instance", - "name": "Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Returns recovery points from secondary region for cross region restore enabled Backup Vaults.", - "displayName": "Fetch secondary recovery points.", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Triggers cross region restore operation on given backup instance.", - "displayName": "Trigger cross region restore.", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Performs validations for cross region restore operation.", - "displayName": "Validate cross region restore", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "List cross region restore jobs of backup instance from secondary region.", - "displayName": "Fetch cross region restore jobs.", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Get cross region restore job details from secondary region.", - "displayName": "Fetch cross region restore job.", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, { "description": "Returns details of the Backup Instance", "displayName": "Get Backup Instance Details", @@ -1174726,6 +1177218,69 @@ "providerDisplayName": "Microsoft.DataProtection", "providerName": "Microsoft.DataProtection" }, + { + "description": "Create ResourceGuard operation creates an Azure resource of type 'ResourceGuard'", + "displayName": "Create ResourceGuard", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Create ResourceGuard operation creates an Azure resource of type 'ResourceGuard'", + "displayName": "Create ResourceGuard", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "The Delete ResourceGuard operation deletes the specified Azure resource of type 'ResourceGuard'", + "displayName": "Delete ResourceGuard", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "The Get ResourceGuard operation gets an object representing the Azure resource of type 'ResourceGuard'", + "displayName": "Get ResourceGuard", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Returns Backup Operation Result for Backup Vault.", + "displayName": "Get Backup Operation Result", + "name": "Microsoft.DataProtection/locations/operationResults/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Returns Backup Operation Status for Backup Vault.", + "displayName": "Get Backup Operation Status", + "name": "Microsoft.DataProtection/locations/operationStatus/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Check Backup Status for Recovery Services Vaults", + "displayName": "Check Backup Status for Vault", + "name": "Microsoft.DataProtection/locations/getBackupStatus/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Validates if a feature is supported", + "displayName": "Validate if a feature is supported", + "name": "Microsoft.DataProtection/locations/checkFeatureSupport/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Returns Backup Operation Status for Backup Vault.", + "displayName": "Get Backup Operation Status", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1174914,15 +1177469,220 @@ "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the features of a subscription.", + "displayName": "Get Feature", + "name": "Microsoft.Features/features/read", + "providerDisplayName": "Microsoft Feature", + "providerName": "Microsoft.Features" + }, + { + "description": "Gets the feature of a subscription in a given resource provider.", + "displayName": "Get Provider Feature", + "name": "Microsoft.Features/providers/features/read", + "providerDisplayName": "Microsoft Feature", + "providerName": "Microsoft.Features" + }, + { + "description": "Gets the availability statuses for all resources in the specified scope", + "displayName": "Get Availability Statuses", + "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", + "providerDisplayName": "Microsoft ResourceHealth", + "providerName": "Microsoft.ResourceHealth" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get the subscription operation results.", + "displayName": "Get Subscription Operation Results", + "name": "Microsoft.Resources/subscriptions/operationresults/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets the list of subscriptions.", + "displayName": "Get Subscriptions", + "name": "Microsoft.Resources/subscriptions/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Get the list of ResourceGuard proxies for a resource", + "displayName": "Get the list of ResourceGuard proxies for a resource", + "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Create ResourceGuard proxy operation creates an Azure resource of type 'ResourceGuard Proxy'", + "displayName": "Create ResourceGuard proxy", + "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "The Delete ResourceGuard proxy operation deletes the specified Azure resource of type 'ResourceGuard proxy'", + "displayName": "Delete ResourceGuard proxy", + "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", + "displayName": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", + "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Gets list of ResourceGuards in a Subscription", + "displayName": "Get ResourceGuards in a Subscription", + "name": "Microsoft.DataProtection/subscriptions/providers/resourceGuards/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Gets ResourceGuard operation request info", + "displayName": "Get ResourceGuard operation request info", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Microsoft.DataProtection/*/action", "Microsoft.DataProtection/*/read", - "Microsoft.Authorization/*/read" + "Microsoft.DataProtection/*/resourceGuards/write", + "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write", + "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete", + "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read", + "Microsoft.DataProtection/locations/operationResults/read", + "Microsoft.DataProtection/locations/operationStatus/read", + "Microsoft.DataProtection/locations/getBackupStatus/action", + "Microsoft.DataProtection/locations/checkFeatureSupport/action", + "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read", + "Microsoft.Authorization/*/read", + "Microsoft.Features/features/read", + "Microsoft.Features/providers/features/read", + "Microsoft.ResourceHealth/availabilityStatuses/read", + "Microsoft.Resources/deployments/operations/read", + "Microsoft.Resources/subscriptions/operationresults/read", + "Microsoft.Resources/subscriptions/read", + "Microsoft.Resources/subscriptions/resourcegroups/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/deployments/*", + "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read", + "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write", + "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete", + "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action", + "Microsoft.DataProtection/subscriptions/providers/resourceGuards/read", + "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read" ], "condition": null, "conditionVersion": null, @@ -1174933,11 +1177693,179 @@ ] }, { - "description": "Backup MultiUser-Authorization. Can create/delete ResourceGuard ", + "description": "Backup MultiUser-Authorization. Allows user to perform critical operation protected by resourceguard", "hasExternal": false, "hasUnknown": false, - "name": "Backup MUA Admin", + "name": "Backup MUA Operator", "permittedActions": [ + { + "description": "Registers subscription for given Resource Provider", + "displayName": "Register Resource Provider", + "name": "Microsoft.DataProtection/register/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Unregisters subscription for given Resource Provider", + "displayName": "Unregister Resource Provider", + "name": "Microsoft.DataProtection/unregister/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Checks if the requested BackupVault Name is Available", + "displayName": "Check if the requested BackupVault Name is Available", + "name": "Microsoft.DataProtection/locations/checkNameAvailability/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Check Backup Status for Recovery Services Vaults", + "displayName": "Check Backup Status for Vault", + "name": "Microsoft.DataProtection/locations/getBackupStatus/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Validates if a feature is supported", + "displayName": "Validate if a feature is supported", + "name": "Microsoft.DataProtection/locations/checkFeatureSupport/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Validates for modification of Backup Instance", + "displayName": "Validate for modification of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Performs Backup on the Backup Instance", + "displayName": "Backup Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/backup/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Sync operation retries last failed operation on backup instance to bring it to a valid state.", + "displayName": "Sync Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/sync/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Triggers restore on the Backup Instance", + "displayName": "Restore Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/restore/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Validates for Restore of the Backup Instance", + "displayName": "Validate for Restore of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Stop Protection operation stops both backup and retention schedules of backup instance. Existing data will be retained forever.", + "displayName": "Stop Protection of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/stopProtection/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Suspend Backups operation stops only backups of backup instance. Retention activities will continue and hence data will be ratained as per policy.", + "displayName": "Suspend Backups of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/suspendBackups/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Resume protection of a ProtectionStopped BI.", + "displayName": "Resume Protection of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/resumeProtection/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Resume Backups for a BackupsSuspended BI.", + "displayName": "Resume Backups of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/resumeBackups/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Finds Restorable Time Ranges", + "displayName": "Find Restorable Time Ranges", + "name": "Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Validates for backup of Backup Instance", + "displayName": "Validate for backup of Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/validateForBackup/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Get Job details", + "displayName": "Backup Job Object", + "name": "Microsoft.DataProtection/backupVaults/backupJobs/enableProgress/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", + "displayName": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", + "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Perform undelete of soft-deleted Backup Instance. Backup Instance moves from SoftDeleted to ProtectionStopped state.", + "displayName": "Perform undelete of soft-deleted Backup Instance", + "name": "Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Returns recovery points from secondary region for cross region restore enabled Backup Vaults.", + "displayName": "Fetch secondary recovery points.", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Triggers cross region restore operation on given backup instance.", + "displayName": "Trigger cross region restore.", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Performs validations for cross region restore operation.", + "displayName": "Validate cross region restore", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "List cross region restore jobs of backup instance from secondary region.", + "displayName": "Fetch cross region restore jobs.", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, + { + "description": "Get cross region restore job details from secondary region.", + "displayName": "Fetch cross region restore job.", + "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action", + "providerDisplayName": "Microsoft.DataProtection", + "providerName": "Microsoft.DataProtection" + }, { "description": "Returns details of the Backup Instance", "displayName": "Get Backup Instance Details", @@ -1175064,69 +1177992,6 @@ "providerDisplayName": "Microsoft.DataProtection", "providerName": "Microsoft.DataProtection" }, - { - "description": "Create ResourceGuard operation creates an Azure resource of type 'ResourceGuard'", - "displayName": "Create ResourceGuard", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Create ResourceGuard operation creates an Azure resource of type 'ResourceGuard'", - "displayName": "Create ResourceGuard", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "The Delete ResourceGuard operation deletes the specified Azure resource of type 'ResourceGuard'", - "displayName": "Delete ResourceGuard", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "The Get ResourceGuard operation gets an object representing the Azure resource of type 'ResourceGuard'", - "displayName": "Get ResourceGuard", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Returns Backup Operation Result for Backup Vault.", - "displayName": "Get Backup Operation Result", - "name": "Microsoft.DataProtection/locations/operationResults/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Returns Backup Operation Status for Backup Vault.", - "displayName": "Get Backup Operation Status", - "name": "Microsoft.DataProtection/locations/operationStatus/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Check Backup Status for Recovery Services Vaults", - "displayName": "Check Backup Status for Vault", - "name": "Microsoft.DataProtection/locations/getBackupStatus/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Validates if a feature is supported", - "displayName": "Validate if a feature is supported", - "name": "Microsoft.DataProtection/locations/checkFeatureSupport/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Returns Backup Operation Status for Backup Vault.", - "displayName": "Get Backup Operation Status", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1175315,220 +1178180,15 @@ "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the features of a subscription.", - "displayName": "Get Feature", - "name": "Microsoft.Features/features/read", - "providerDisplayName": "Microsoft Feature", - "providerName": "Microsoft.Features" - }, - { - "description": "Gets the feature of a subscription in a given resource provider.", - "displayName": "Get Provider Feature", - "name": "Microsoft.Features/providers/features/read", - "providerDisplayName": "Microsoft Feature", - "providerName": "Microsoft.Features" - }, - { - "description": "Gets the availability statuses for all resources in the specified scope", - "displayName": "Get Availability Statuses", - "name": "Microsoft.ResourceHealth/AvailabilityStatuses/read", - "providerDisplayName": "Microsoft ResourceHealth", - "providerName": "Microsoft.ResourceHealth" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Get the subscription operation results.", - "displayName": "Get Subscription Operation Results", - "name": "Microsoft.Resources/subscriptions/operationresults/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets the list of subscriptions.", - "displayName": "Get Subscriptions", - "name": "Microsoft.Resources/subscriptions/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/subscriptions/resourcegroups/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Get the list of ResourceGuard proxies for a resource", - "displayName": "Get the list of ResourceGuard proxies for a resource", - "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Create ResourceGuard proxy operation creates an Azure resource of type 'ResourceGuard Proxy'", - "displayName": "Create ResourceGuard proxy", - "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "The Delete ResourceGuard proxy operation deletes the specified Azure resource of type 'ResourceGuard proxy'", - "displayName": "Delete ResourceGuard proxy", - "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", - "displayName": "Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation", - "name": "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Gets list of ResourceGuards in a Subscription", - "displayName": "Get ResourceGuards in a Subscription", - "name": "Microsoft.DataProtection/subscriptions/providers/resourceGuards/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" - }, - { - "description": "Gets ResourceGuard operation request info", - "displayName": "Get ResourceGuard operation request info", - "name": "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read", - "providerDisplayName": "Microsoft.DataProtection", - "providerName": "Microsoft.DataProtection" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.DataProtection/*/action", "Microsoft.DataProtection/*/read", - "Microsoft.DataProtection/*/resourceGuards/write", - "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write", - "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete", - "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read", - "Microsoft.DataProtection/locations/operationResults/read", - "Microsoft.DataProtection/locations/operationStatus/read", - "Microsoft.DataProtection/locations/getBackupStatus/action", - "Microsoft.DataProtection/locations/checkFeatureSupport/action", - "Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read", - "Microsoft.Authorization/*/read", - "Microsoft.Features/features/read", - "Microsoft.Features/providers/features/read", - "Microsoft.ResourceHealth/availabilityStatuses/read", - "Microsoft.Resources/deployments/operations/read", - "Microsoft.Resources/subscriptions/operationresults/read", - "Microsoft.Resources/subscriptions/read", - "Microsoft.Resources/subscriptions/resourcegroups/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*", - "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read", - "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write", - "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete", - "Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action", - "Microsoft.DataProtection/subscriptions/providers/resourceGuards/read", - "Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read" + "Microsoft.Authorization/*/read" ], "condition": null, "conditionVersion": null, @@ -1175638,85 +1178298,6 @@ } ] }, - { - "description": "Allows for read access to ExpressRoute CrossConnections", - "hasExternal": false, - "hasUnknown": false, - "name": "CrossConnectionReader", - "permittedActions": [ - { - "description": "Get an express route cross connection operation status.", - "displayName": "Get Express Route Cross Connection Operation Status", - "name": "Microsoft.ClassicNetwork/expressroutecrossconnections/operationstatuses/read", - "providerDisplayName": "Microsoft ClassicNetwork", - "providerName": "Microsoft.ClassicNetwork" - }, - { - "description": "Get express route cross connection peering.", - "displayName": "Get Express Route Cross Connection Peering", - "name": "Microsoft.ClassicNetwork/expressroutecrossconnections/peerings/read", - "providerDisplayName": "Microsoft ClassicNetwork", - "providerName": "Microsoft.ClassicNetwork" - }, - { - "description": "Get an express route cross connection peering operation status.", - "displayName": "Get Express Route Cross Connection Peering Operation Status", - "name": "Microsoft.ClassicNetwork/expressroutecrossconnections/peerings/operationstatuses/read", - "providerDisplayName": "Microsoft ClassicNetwork", - "providerName": "Microsoft.ClassicNetwork" - }, - { - "description": "Gets an Express Route Cross Connection Peering", - "displayName": "Get Express Route Cross Connection Peering", - "name": "Microsoft.Network/expressRouteCrossConnections/peerings/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets an Express Route Cross Connection Peering Arp Table", - "displayName": "Get Express Route Cross Connection Peering Arp Table", - "name": "Microsoft.Network/expressRouteCrossConnections/peerings/arpTables/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets an Express Route Cross Connection Peering Route Table", - "displayName": "Get Express Route Cross Connection Peering Route Table", - "name": "Microsoft.Network/expressRouteCrossConnections/peerings/routeTables/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets an Express Route Cross Connection Peering Route Table Summary", - "displayName": "Get Express Route Cross Connection Peering Route Table Summary", - "name": "Microsoft.Network/expressRouteCrossConnections/peerings/routeTableSummary/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets the feature of a subscription in a given resource provider.", - "displayName": "Get Provider Feature", - "name": "Microsoft.Features/providers/features/read", - "providerDisplayName": "Microsoft Feature", - "providerName": "Microsoft.Features" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read", - "Microsoft.Network/expressRouteCrossConnections/*/read", - "Microsoft.Features/providers/features/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Allows for read, write access to ExpressRoute CrossConnections", "hasExternal": false, @@ -1175868,6 +1178449,85 @@ } ] }, + { + "description": "Allows for read access to ExpressRoute CrossConnections", + "hasExternal": false, + "hasUnknown": false, + "name": "CrossConnectionReader", + "permittedActions": [ + { + "description": "Get an express route cross connection operation status.", + "displayName": "Get Express Route Cross Connection Operation Status", + "name": "Microsoft.ClassicNetwork/expressroutecrossconnections/operationstatuses/read", + "providerDisplayName": "Microsoft ClassicNetwork", + "providerName": "Microsoft.ClassicNetwork" + }, + { + "description": "Get express route cross connection peering.", + "displayName": "Get Express Route Cross Connection Peering", + "name": "Microsoft.ClassicNetwork/expressroutecrossconnections/peerings/read", + "providerDisplayName": "Microsoft ClassicNetwork", + "providerName": "Microsoft.ClassicNetwork" + }, + { + "description": "Get an express route cross connection peering operation status.", + "displayName": "Get Express Route Cross Connection Peering Operation Status", + "name": "Microsoft.ClassicNetwork/expressroutecrossconnections/peerings/operationstatuses/read", + "providerDisplayName": "Microsoft ClassicNetwork", + "providerName": "Microsoft.ClassicNetwork" + }, + { + "description": "Gets an Express Route Cross Connection Peering", + "displayName": "Get Express Route Cross Connection Peering", + "name": "Microsoft.Network/expressRouteCrossConnections/peerings/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets an Express Route Cross Connection Peering Arp Table", + "displayName": "Get Express Route Cross Connection Peering Arp Table", + "name": "Microsoft.Network/expressRouteCrossConnections/peerings/arpTables/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets an Express Route Cross Connection Peering Route Table", + "displayName": "Get Express Route Cross Connection Peering Route Table", + "name": "Microsoft.Network/expressRouteCrossConnections/peerings/routeTables/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets an Express Route Cross Connection Peering Route Table Summary", + "displayName": "Get Express Route Cross Connection Peering Route Table Summary", + "name": "Microsoft.Network/expressRouteCrossConnections/peerings/routeTableSummary/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets the feature of a subscription in a given resource provider.", + "displayName": "Get Provider Feature", + "name": "Microsoft.Features/providers/features/read", + "providerDisplayName": "Microsoft Feature", + "providerName": "Microsoft.Features" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ClassicNetwork/expressRouteCrossConnections/*/read", + "Microsoft.Network/expressRouteCrossConnections/*/read", + "Microsoft.Features/providers/features/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Grants Microsoft Defender for Cloud access to Azure Kubernetes Services", "hasExternal": false, @@ -1175977,134 +1178637,164 @@ ] }, { - "description": "Allows managing Azure API Center service.", + "description": "Allows managing API compliance in Azure API Center service.", "hasExternal": false, - "hasUnknown": false, - "name": "Azure API Center Service Contributor", + "hasUnknown": true, + "name": "Azure API Center Compliance Manager", "permittedActions": [ { - "description": "Creates or updates specified service.", - "displayName": "Create or update service", - "name": "Microsoft.ApiCenter/services/write", + "description": "Returns the details of the specified API.", + "displayName": "Get API", + "name": "Microsoft.ApiCenter/services/workspaces/apis/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Returns the details of the specified service.", - "displayName": "Get service", - "name": "Microsoft.ApiCenter/services/read", + "description": "Returns the details of the specified API version.", + "displayName": "Get Api version", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Returns paginated collection of services.", - "displayName": "List services", - "name": "Microsoft.ApiCenter/services/read", + "description": "Returns paginated collection of metadataSchemas.", + "displayName": "List metadataSchemas", + "name": "Microsoft.ApiCenter/services/metadataSchemas/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Deletes specified service.", - "displayName": "Delete service", - "name": "Microsoft.ApiCenter/services/delete", + "description": "Checks if specified metadataSchema exists", + "displayName": "Checks metadataSchema exists", + "name": "Microsoft.ApiCenter/services/metadataSchemas/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Imports resources from one or more API Management instances.", - "displayName": "Import from APIM", - "name": "Microsoft.ApiCenter/services/apim-notification/action", + "description": "Returns paginated collection of workspaces.", + "displayName": "List workspaces", + "name": "Microsoft.ApiCenter/services/workspaces/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Imports resources from one or more API Management instances.", - "displayName": "Import from APIM", - "name": "Microsoft.ApiCenter/services/importFromApim/action", + "description": "Checks if specified workspace exists", + "displayName": "Checks workspace exists", + "name": "Microsoft.ApiCenter/services/workspaces/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Returns effective metadata schema document.", - "displayName": "Export metadata schema", - "name": "Microsoft.ApiCenter/services/exportMetadataSchema/action", + "description": "Returns the details of the specified API definition.", + "displayName": "Get API definition", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Validates move resource request", - "displayName": "Validate move resource", - "name": "Microsoft.ApiCenter/services/validateMoveResources/action", + "description": "Returns the details of the specified API deployment.", + "displayName": "Get API Deployment", + "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Move resource request", - "displayName": "Move resource", - "name": "Microsoft.ApiCenter/services/moveResources/action", + "description": "Checks status of individual import operation", + "displayName": "Import API definition status check", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/operationResults/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Creates or updates specified API.", - "displayName": "Create or Update API", - "name": "Microsoft.ApiCenter/services/workspaces/apis/write", + "description": "Checks status of an APIM import operation", + "displayName": "APIM import status check", + "name": "Microsoft.ApiCenter/services/operationResults/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Returns the details of the specified API.", - "displayName": "Get API", - "name": "Microsoft.ApiCenter/services/workspaces/apis/read", + "description": "Returns paginated collection of the Event Grid filters.", + "displayName": "List Event Grid filter", + "name": "Microsoft.ApiCenter/services/eventGridFilters/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Deletes specified API.", - "displayName": "Delete API", - "name": "Microsoft.ApiCenter/services/workspaces/apis/delete", + "description": "Returns analysis report for specified API definition.", + "displayName": "Get API definition analysis report", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/analysisResults/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Create or update environment", - "displayName": "Creates or updates the environment.", - "name": "Microsoft.ApiCenter/services/workspaces/environments/write", + "description": "Get a certain analysis report of an API Center instance", + "displayName": "Read analysis report of an API Center instance", + "name": "Microsoft.ApiCenter/services/analysisReports/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Deletes specified environment.", - "displayName": "Delete environment", - "name": "Microsoft.ApiCenter/services/workspaces/environments/delete", + "description": "List API Sources inside a catalog.", + "displayName": "List API sources", + "name": "Microsoft.ApiCenter/services/workspaces/apiSources/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Creates or updates API version.", - "displayName": "Create or Update API version.", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/write", + "description": "Returns the details of the specified analyzer configuration.", + "displayName": "Get analyzer configuration", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Returns the details of the specified API version.", - "displayName": "Get Api version", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/read", + "description": "Checks status of individual import ruleset operation", + "displayName": "Import ruleset status check", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/operationResults/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Deletes specified API version.", - "displayName": "Delete API version.", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/delete", + "description": "Updates analysis results for specified API definition.", + "displayName": "Update API definition analysis state", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.ApiCenter/services/*/read", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Allows read-only access to Azure API Center service.", + "hasExternal": false, + "hasUnknown": true, + "name": "Azure API Center Service Reader", + "permittedActions": [ + { + "description": "Returns the details of the specified API.", + "displayName": "Get API", + "name": "Microsoft.ApiCenter/services/workspaces/apis/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, { - "description": "Creates or updates specified metadataSchema.", - "displayName": "Create or update metadataSchema", - "name": "Microsoft.ApiCenter/services/metadataSchemas/write", + "description": "Returns the details of the specified API version.", + "displayName": "Get Api version", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, @@ -1176122,27 +1178812,6 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, - { - "description": "Deletes specified metadataSchema.", - "displayName": "Delete metadataSchema", - "name": "Microsoft.ApiCenter/services/metadataSchemas/delete", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Triggers synchronization with the API source.", - "displayName": "Sync with API source", - "name": "Microsoft.ApiCenter/services/workspaces/apiSources/action", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Creates or updates specified workspace.", - "displayName": "Create or update workspace", - "name": "Microsoft.ApiCenter/services/workspaces/write", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, { "description": "Returns paginated collection of workspaces.", "displayName": "List workspaces", @@ -1176157,27 +1178826,6 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, - { - "description": "Deletes specified workspace.", - "displayName": "Delete workspace", - "name": "Microsoft.ApiCenter/services/workspaces/delete", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Imports API definition file.", - "displayName": "Import API definition", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/importSpecification/action", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Creates or updates API Spec.", - "displayName": "Create or Update API Spec.", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/write", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, { "description": "Returns the details of the specified API definition.", "displayName": "Get API definition", @@ -1176185,31 +1178833,10 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, - { - "description": "Deletes specified API definition.", - "displayName": "Delete API definition.", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/delete", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Creates or updates API Deployment.", - "displayName": "Create or Update API Deployment.", - "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/write", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, { "description": "Returns the details of the specified API deployment.", - "displayName": "Get API Deployment", - "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Deletes specified API deployment.", - "displayName": "Delete API deployment.", - "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/delete", + "displayName": "Get API Deployment", + "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/read", "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, @@ -1176234,20 +1178861,6 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, - { - "description": "Creates or updates specified Event Grid filter.", - "displayName": "Create or update Event Grid filter", - "name": "Microsoft.ApiCenter/services/eventGridFilters/write", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Deletes the details of the specified Event Grid filter.", - "displayName": "Delete Event Grid filter", - "name": "Microsoft.ApiCenter/services/eventGridFilters/delete", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, { "description": "Returns analysis report for specified API definition.", "displayName": "Get API definition analysis report", @@ -1176269,20 +1178882,6 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, - { - "description": "Deletes specified API Source.", - "displayName": "Delete API source", - "name": "Microsoft.ApiCenter/services/workspaces/apiSources/delete", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Creates or updates specified analyzer configuration.", - "displayName": "Create or update analyzer configuration", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/write", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, { "description": "Returns the details of the specified analyzer configuration.", "displayName": "Get analyzer configuration", @@ -1176290,20 +1178889,6 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, - { - "description": "Imports ruleset file.", - "displayName": "Import ruleset", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/importRuleset/action", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Exports ruleset file.", - "displayName": "Export ruleset", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/exportRuleset/action", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, { "description": "Checks status of individual import ruleset operation", "displayName": "Import ruleset status check", @@ -1176631,7 +1179216,8 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ApiCenter/services/*", + "Microsoft.ApiCenter/services/*/read", + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.ResourceHealth/availabilityStatuses/read", @@ -1176641,19 +1179227,87 @@ "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [ - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action" - ], + "notActions": [], "notDataActions": [] } ] }, { - "description": "Allows read-only access to Azure API Center service.", + "description": "Allows managing Azure API Center service.", "hasExternal": false, - "hasUnknown": true, - "name": "Azure API Center Service Reader", + "hasUnknown": false, + "name": "Azure API Center Service Contributor", "permittedActions": [ + { + "description": "Creates or updates specified service.", + "displayName": "Create or update service", + "name": "Microsoft.ApiCenter/services/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns the details of the specified service.", + "displayName": "Get service", + "name": "Microsoft.ApiCenter/services/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns paginated collection of services.", + "displayName": "List services", + "name": "Microsoft.ApiCenter/services/read", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Deletes specified service.", + "displayName": "Delete service", + "name": "Microsoft.ApiCenter/services/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Imports resources from one or more API Management instances.", + "displayName": "Import from APIM", + "name": "Microsoft.ApiCenter/services/apim-notification/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Imports resources from one or more API Management instances.", + "displayName": "Import from APIM", + "name": "Microsoft.ApiCenter/services/importFromApim/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Returns effective metadata schema document.", + "displayName": "Export metadata schema", + "name": "Microsoft.ApiCenter/services/exportMetadataSchema/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Validates move resource request", + "displayName": "Validate move resource", + "name": "Microsoft.ApiCenter/services/validateMoveResources/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Move resource request", + "displayName": "Move resource", + "name": "Microsoft.ApiCenter/services/moveResources/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates specified API.", + "displayName": "Create or Update API", + "name": "Microsoft.ApiCenter/services/workspaces/apis/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns the details of the specified API.", "displayName": "Get API", @@ -1176661,6 +1179315,34 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified API.", + "displayName": "Delete API", + "name": "Microsoft.ApiCenter/services/workspaces/apis/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Create or update environment", + "displayName": "Creates or updates the environment.", + "name": "Microsoft.ApiCenter/services/workspaces/environments/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Deletes specified environment.", + "displayName": "Delete environment", + "name": "Microsoft.ApiCenter/services/workspaces/environments/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates API version.", + "displayName": "Create or Update API version.", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns the details of the specified API version.", "displayName": "Get Api version", @@ -1176668,6 +1179350,20 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified API version.", + "displayName": "Delete API version.", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates specified metadataSchema.", + "displayName": "Create or update metadataSchema", + "name": "Microsoft.ApiCenter/services/metadataSchemas/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns paginated collection of metadataSchemas.", "displayName": "List metadataSchemas", @@ -1176682,6 +1179378,27 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified metadataSchema.", + "displayName": "Delete metadataSchema", + "name": "Microsoft.ApiCenter/services/metadataSchemas/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Triggers synchronization with the API source.", + "displayName": "Sync with API source", + "name": "Microsoft.ApiCenter/services/workspaces/apiSources/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates specified workspace.", + "displayName": "Create or update workspace", + "name": "Microsoft.ApiCenter/services/workspaces/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns paginated collection of workspaces.", "displayName": "List workspaces", @@ -1176696,6 +1179413,27 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified workspace.", + "displayName": "Delete workspace", + "name": "Microsoft.ApiCenter/services/workspaces/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Imports API definition file.", + "displayName": "Import API definition", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/importSpecification/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates API Spec.", + "displayName": "Create or Update API Spec.", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns the details of the specified API definition.", "displayName": "Get API definition", @@ -1176703,6 +1179441,20 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified API definition.", + "displayName": "Delete API definition.", + "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates API Deployment.", + "displayName": "Create or Update API Deployment.", + "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns the details of the specified API deployment.", "displayName": "Get API Deployment", @@ -1176710,6 +1179462,13 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified API deployment.", + "displayName": "Delete API deployment.", + "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Checks status of individual import operation", "displayName": "Import API definition status check", @@ -1176731,6 +1179490,20 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Creates or updates specified Event Grid filter.", + "displayName": "Create or update Event Grid filter", + "name": "Microsoft.ApiCenter/services/eventGridFilters/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Deletes the details of the specified Event Grid filter.", + "displayName": "Delete Event Grid filter", + "name": "Microsoft.ApiCenter/services/eventGridFilters/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns analysis report for specified API definition.", "displayName": "Get API definition analysis report", @@ -1176752,6 +1179525,20 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Deletes specified API Source.", + "displayName": "Delete API source", + "name": "Microsoft.ApiCenter/services/workspaces/apiSources/delete", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Creates or updates specified analyzer configuration.", + "displayName": "Create or update analyzer configuration", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/write", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Returns the details of the specified analyzer configuration.", "displayName": "Get analyzer configuration", @@ -1176759,6 +1179546,20 @@ "providerDisplayName": "Microsoft Azure API Center", "providerName": "Microsoft.ApiCenter" }, + { + "description": "Imports ruleset file.", + "displayName": "Import ruleset", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/importRuleset/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, + { + "description": "Exports ruleset file.", + "displayName": "Export ruleset", + "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/exportRuleset/action", + "providerDisplayName": "Microsoft Azure API Center", + "providerName": "Microsoft.ApiCenter" + }, { "description": "Checks status of individual import ruleset operation", "displayName": "Import ruleset status check", @@ -1177086,8 +1179887,7 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action", + "Microsoft.ApiCenter/services/*", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.ResourceHealth/availabilityStatuses/read", @@ -1177097,149 +1179897,9 @@ "condition": null, "conditionVersion": null, "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Allows managing API compliance in Azure API Center service.", - "hasExternal": false, - "hasUnknown": true, - "name": "Azure API Center Compliance Manager", - "permittedActions": [ - { - "description": "Returns the details of the specified API.", - "displayName": "Get API", - "name": "Microsoft.ApiCenter/services/workspaces/apis/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified API version.", - "displayName": "Get Api version", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns paginated collection of metadataSchemas.", - "displayName": "List metadataSchemas", - "name": "Microsoft.ApiCenter/services/metadataSchemas/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks if specified metadataSchema exists", - "displayName": "Checks metadataSchema exists", - "name": "Microsoft.ApiCenter/services/metadataSchemas/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns paginated collection of workspaces.", - "displayName": "List workspaces", - "name": "Microsoft.ApiCenter/services/workspaces/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks if specified workspace exists", - "displayName": "Checks workspace exists", - "name": "Microsoft.ApiCenter/services/workspaces/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified API definition.", - "displayName": "Get API definition", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified API deployment.", - "displayName": "Get API Deployment", - "name": "Microsoft.ApiCenter/services/workspaces/apis/deployments/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks status of individual import operation", - "displayName": "Import API definition status check", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/operationResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks status of an APIM import operation", - "displayName": "APIM import status check", - "name": "Microsoft.ApiCenter/services/operationResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns paginated collection of the Event Grid filters.", - "displayName": "List Event Grid filter", - "name": "Microsoft.ApiCenter/services/eventGridFilters/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns analysis report for specified API definition.", - "displayName": "Get API definition analysis report", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/analysisResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Get a certain analysis report of an API Center instance", - "displayName": "Read analysis report of an API Center instance", - "name": "Microsoft.ApiCenter/services/analysisReports/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "List API Sources inside a catalog.", - "displayName": "List API sources", - "name": "Microsoft.ApiCenter/services/workspaces/apiSources/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Returns the details of the specified analyzer configuration.", - "displayName": "Get analyzer configuration", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Checks status of individual import ruleset operation", - "displayName": "Import ruleset status check", - "name": "Microsoft.ApiCenter/services/workspaces/analyzerConfigs/operationResults/read", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - }, - { - "description": "Updates analysis results for specified API definition.", - "displayName": "Update API definition analysis state", - "name": "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", - "providerDisplayName": "Microsoft Azure API Center", - "providerName": "Microsoft.ApiCenter" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.ApiCenter/services/*/read", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action", - "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/exportSpecification/action" + "notActions": [ + "Microsoft.ApiCenter/services/workspaces/apis/versions/definitions/updateAnalysisState/action" ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], "notDataActions": [] } ] @@ -1177370,50 +1180030,36 @@ ] }, { - "description": "Grants full access to manage all VmCluster resources", + "description": "Grants full access to manage all Oracle Subscriptions resources", "hasExternal": true, "hasUnknown": true, - "name": "Oracle.Database VmCluster Administrator Built-in Role", + "name": "Oracle Subscriptions Manager Built-in Role", "permittedActions": [ { - "description": "List DbNode resources by CloudVmCluster", - "displayName": "DbNodes_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/dbNodes/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List VirtualNetworkAddress resources by CloudVmCluster", - "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "Create a VirtualNetworkAddress", - "displayName": "VirtualNetworkAddresses_CreateOrUpdate", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/write", + "description": "Add Azure Subscriptions", + "displayName": "OracleSubscriptions_AddAzureSubscriptions", + "name": "Oracle.Database/oracleSubscriptions/addAzureSubscriptions/action", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, { - "description": "Delete a VirtualNetworkAddress", - "displayName": "VirtualNetworkAddresses_Delete", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/delete", + "description": "List Activation Links", + "displayName": "OracleSubscriptions_ListActivationLinks", + "name": "Oracle.Database/oracleSubscriptions/listActivationLinks/action", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, { - "description": "Create a CloudExadataInfrastructure", - "displayName": "CloudExadataInfrastructures_CreateOrUpdate", - "name": "Oracle.Database/cloudExadataInfrastructures/write", + "description": "List Cloud Account Details", + "displayName": "OracleSubscriptions_ListCloudAccountDetails", + "name": "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, { - "description": "List DbServer resources by CloudExadataInfrastructure", - "displayName": "DbServers_ListByCloudExadataInfrastructure", - "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", + "description": "List Saas Subscription Details", + "displayName": "OracleSubscriptions_ListSaasSubscriptionDetails", + "name": "Oracle.Database/oracleSubscriptions/listSaasSubscriptionDetails/action", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, @@ -1177563,322 +1180209,21 @@ "name": "Microsoft.Resources/subscriptions/resourceGroups/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" - }, - { - "description": "Get the virtual network definition", - "displayName": "Get Virtual Network", - "name": "Microsoft.Network/virtualNetworks/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Creates a virtual network subnet or updates an existing virtual network subnet", - "displayName": "Create or Update Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/write", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets operation resource that represents status of an asynchronous operation", - "displayName": "Get Operation Resource", - "name": "Microsoft.Network/locations/operations/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Get the properties of an SSH public key", - "displayName": "Get SSH Public Key", - "name": "Microsoft.Compute/sshPublicKeys/read", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Creates a new SSH public key or updates an existing SSH public key", - "displayName": "Create or Update SSH Public Key", - "name": "Microsoft.Compute/sshPublicKeys/write", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" - }, - { - "description": "Generates a new SSH public/private key pair", - "displayName": "Generate SSH Key Pair", - "name": "Microsoft.Compute/sshPublicKeys/generateKeyPair/action", - "providerDisplayName": "Microsoft Compute", - "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/*/write", - "Oracle.Database/cloudVmClusters/*/delete", - "Oracle.Database/cloudExadataInfrastructures/write", - "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/oracleSubscriptions/*/write", + "Oracle.Database/oracleSubscriptions/*/delete", + "Oracle.Database/oracleSubscriptions/*/action", "Oracle.Database/Locations/*/read", "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", - "Oracle.Database/oracleSubscriptions/*/read", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/subnets/write", - "Microsoft.Network/locations/operations/read", - "Microsoft.Compute/sshPublicKeys/read", - "Microsoft.Compute/sshPublicKeys/write", - "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Grants read access to all Oracle.Database resources", - "hasExternal": true, - "hasUnknown": true, - "name": "Oracle.Database Reader Built-in Role", - "permittedActions": [ - { - "description": "read OperationStatuses", - "displayName": "read_OperationStatuses", - "name": "Oracle.Database/Locations/OperationStatuses/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List GiVersion resources by Location", - "displayName": "GiVersions_ListByLocation", - "name": "Oracle.Database/locations/giVersions/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbSystemShape resources by Location", - "displayName": "DbSystemShapes_ListByLocation", - "name": "Oracle.Database/locations/dbSystemShapes/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DnsPrivateView resources by Location", - "displayName": "DnsPrivateViews_ListByLocation", - "name": "Oracle.Database/locations/dnsPrivateViews/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DnsPrivateZone resources by Location", - "displayName": "DnsPrivateZones_ListByLocation", - "name": "Oracle.Database/locations/dnsPrivateZones/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List AutonomousDatabaseCharacterSet resources by Location", - "displayName": "AutonomousDatabaseCharacterSets_ListByLocation", - "name": "Oracle.Database/locations/autonomousDatabaseCharacterSets/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List AutonomousDatabaseNationalCharacterSet resources by Location", - "displayName": "AutonomousDatabaseNationalCharacterSets_ListByLocation", - "name": "Oracle.Database/locations/autonomousDatabaseNationalCharacterSets/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List AutonomousDbVersion resources by Location", - "displayName": "AutonomousDatabaseVersions_ListByLocation", - "name": "Oracle.Database/locations/autonomousDbVersions/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List SystemVersion resources by Location", - "displayName": "SystemVersions_ListByLocation", - "name": "Oracle.Database/locations/systemVersions/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Oracle.Database/Operations/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbServer resources by CloudExadataInfrastructure", - "displayName": "DbServers_ListByCloudExadataInfrastructure", - "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List DbNode resources by CloudVmCluster", - "displayName": "DbNodes_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/dbNodes/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List VirtualNetworkAddress resources by CloudVmCluster", - "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", - "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List Private IP Addresses by the provided filter", - "displayName": "CloudVmClusters_ListPrivateIpAddresses", - "name": "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "List Cloud Account Details", - "displayName": "OracleSubscriptions_ListCloudAccountDetails", - "name": "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", - "providerDisplayName": "Oracle.Database", - "providerName": "Oracle.Database" - }, - { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets a virtual network subnet definition", - "displayName": "Get Virtual Network Subnet", - "name": "Microsoft.Network/virtualNetworks/subnets/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Get the virtual network definition", - "displayName": "Get Virtual Network", - "name": "Microsoft.Network/virtualNetworks/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets operation resource that represents status of an asynchronous operation", - "displayName": "Get Operation Resource", - "name": "Microsoft.Network/locations/operations/read", - "providerDisplayName": "Microsoft Network", - "providerName": "Microsoft.Network" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Oracle.Database/Locations/*/read", - "Oracle.Database/Operations/read", - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/cloudExadataInfrastructures/*/read", - "Oracle.Database/cloudVmClusters/*/read", - "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", - "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deployments/*/read", - "Microsoft.Network/virtualNetworks/subnets/read", - "Microsoft.Network/virtualNetworks/read", - "Microsoft.Network/locations/operations/read", - "Microsoft.Resources/deployments/*" + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -1178388,22 +1180733,106 @@ ] }, { - "description": "Grants full access to manage all Oracle Subscriptions resources", + "description": "Grants read access to all Oracle.Database resources", "hasExternal": true, "hasUnknown": true, - "name": "Oracle Subscriptions Manager Built-in Role", + "name": "Oracle.Database Reader Built-in Role", "permittedActions": [ { - "description": "Add Azure Subscriptions", - "displayName": "OracleSubscriptions_AddAzureSubscriptions", - "name": "Oracle.Database/oracleSubscriptions/addAzureSubscriptions/action", + "description": "read OperationStatuses", + "displayName": "read_OperationStatuses", + "name": "Oracle.Database/Locations/OperationStatuses/read", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, { - "description": "List Activation Links", - "displayName": "OracleSubscriptions_ListActivationLinks", - "name": "Oracle.Database/oracleSubscriptions/listActivationLinks/action", + "description": "List GiVersion resources by Location", + "displayName": "GiVersions_ListByLocation", + "name": "Oracle.Database/locations/giVersions/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbSystemShape resources by Location", + "displayName": "DbSystemShapes_ListByLocation", + "name": "Oracle.Database/locations/dbSystemShapes/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DnsPrivateView resources by Location", + "displayName": "DnsPrivateViews_ListByLocation", + "name": "Oracle.Database/locations/dnsPrivateViews/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DnsPrivateZone resources by Location", + "displayName": "DnsPrivateZones_ListByLocation", + "name": "Oracle.Database/locations/dnsPrivateZones/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List AutonomousDatabaseCharacterSet resources by Location", + "displayName": "AutonomousDatabaseCharacterSets_ListByLocation", + "name": "Oracle.Database/locations/autonomousDatabaseCharacterSets/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List AutonomousDatabaseNationalCharacterSet resources by Location", + "displayName": "AutonomousDatabaseNationalCharacterSets_ListByLocation", + "name": "Oracle.Database/locations/autonomousDatabaseNationalCharacterSets/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List AutonomousDbVersion resources by Location", + "displayName": "AutonomousDatabaseVersions_ListByLocation", + "name": "Oracle.Database/locations/autonomousDbVersions/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List SystemVersion resources by Location", + "displayName": "SystemVersions_ListByLocation", + "name": "Oracle.Database/locations/systemVersions/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "read Operations", + "displayName": "read_Operations", + "name": "Oracle.Database/Operations/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbServer resources by CloudExadataInfrastructure", + "displayName": "DbServers_ListByCloudExadataInfrastructure", + "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbNode resources by CloudVmCluster", + "displayName": "DbNodes_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/dbNodes/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List VirtualNetworkAddress resources by CloudVmCluster", + "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List Private IP Addresses by the provided filter", + "displayName": "CloudVmClusters_ListPrivateIpAddresses", + "name": "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, @@ -1178415,9 +1180844,182 @@ "providerName": "Oracle.Database" }, { - "description": "List Saas Subscription Details", - "displayName": "OracleSubscriptions_ListSaasSubscriptionDetails", - "name": "Oracle.Database/oracleSubscriptions/listSaasSubscriptionDetails/action", + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get the virtual network definition", + "displayName": "Get Virtual Network", + "name": "Microsoft.Network/virtualNetworks/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets operation resource that represents status of an asynchronous operation", + "displayName": "Get Operation Resource", + "name": "Microsoft.Network/locations/operations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Oracle.Database/Locations/*/read", + "Oracle.Database/Operations/read", + "Oracle.Database/oracleSubscriptions/*/read", + "Oracle.Database/cloudExadataInfrastructures/*/read", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/listPrivateIpAddresses/action", + "Oracle.Database/oracleSubscriptions/listCloudAccountDetails/action", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/deployments/*/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/locations/operations/read", + "Microsoft.Resources/deployments/*" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Grants full access to manage all VmCluster resources", + "hasExternal": true, + "hasUnknown": true, + "name": "Oracle.Database VmCluster Administrator Built-in Role", + "permittedActions": [ + { + "description": "List DbNode resources by CloudVmCluster", + "displayName": "DbNodes_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/dbNodes/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List VirtualNetworkAddress resources by CloudVmCluster", + "displayName": "VirtualNetworkAddresses_ListByCloudVmCluster", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/read", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Create a VirtualNetworkAddress", + "displayName": "VirtualNetworkAddresses_CreateOrUpdate", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/write", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Delete a VirtualNetworkAddress", + "displayName": "VirtualNetworkAddresses_Delete", + "name": "Oracle.Database/cloudVmClusters/virtualNetworkAddresses/delete", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "Create a CloudExadataInfrastructure", + "displayName": "CloudExadataInfrastructures_CreateOrUpdate", + "name": "Oracle.Database/cloudExadataInfrastructures/write", + "providerDisplayName": "Oracle.Database", + "providerName": "Oracle.Database" + }, + { + "description": "List DbServer resources by CloudExadataInfrastructure", + "displayName": "DbServers_ListByCloudExadataInfrastructure", + "name": "Oracle.Database/cloudExadataInfrastructures/dbServers/read", "providerDisplayName": "Oracle.Database", "providerName": "Oracle.Database" }, @@ -1178567,21 +1181169,79 @@ "name": "Microsoft.Resources/subscriptions/resourceGroups/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" + }, + { + "description": "Get the virtual network definition", + "displayName": "Get Virtual Network", + "name": "Microsoft.Network/virtualNetworks/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets a virtual network subnet definition", + "displayName": "Get Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Creates a virtual network subnet or updates an existing virtual network subnet", + "displayName": "Create or Update Virtual Network Subnet", + "name": "Microsoft.Network/virtualNetworks/subnets/write", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Gets operation resource that represents status of an asynchronous operation", + "displayName": "Get Operation Resource", + "name": "Microsoft.Network/locations/operations/read", + "providerDisplayName": "Microsoft Network", + "providerName": "Microsoft.Network" + }, + { + "description": "Get the properties of an SSH public key", + "displayName": "Get SSH Public Key", + "name": "Microsoft.Compute/sshPublicKeys/read", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Creates a new SSH public key or updates an existing SSH public key", + "displayName": "Create or Update SSH Public Key", + "name": "Microsoft.Compute/sshPublicKeys/write", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" + }, + { + "description": "Generates a new SSH public/private key pair", + "displayName": "Generate SSH Key Pair", + "name": "Microsoft.Compute/sshPublicKeys/generateKeyPair/action", + "providerDisplayName": "Microsoft Compute", + "providerName": "Microsoft.Compute" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ - "Oracle.Database/oracleSubscriptions/*/read", - "Oracle.Database/oracleSubscriptions/*/write", - "Oracle.Database/oracleSubscriptions/*/delete", - "Oracle.Database/oracleSubscriptions/*/action", + "Oracle.Database/cloudVmClusters/*/read", + "Oracle.Database/cloudVmClusters/*/write", + "Oracle.Database/cloudVmClusters/*/delete", + "Oracle.Database/cloudExadataInfrastructures/write", + "Oracle.Database/cloudExadataInfrastructures/*/read", "Oracle.Database/Locations/*/read", "Oracle.Database/Locations/*/write", "Oracle.Database/Operations/read", + "Oracle.Database/oracleSubscriptions/*/read", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/locations/operations/read", + "Microsoft.Compute/sshPublicKeys/read", + "Microsoft.Compute/sshPublicKeys/write", + "Microsoft.Compute/sshPublicKeys/generateKeyPair/action" ], "condition": null, "conditionVersion": null, @@ -1178898,6 +1181558,52 @@ } ] }, + { + "description": "Read content of config file pattern for Application Configuration Service in Azure Spring Apps", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Spring Apps Application Configuration Service Config File Pattern Reader Role", + "permittedActions": [ + { + "description": "Get Azure Spring Apps service instance(s)", + "displayName": "Get the details of an Azure Spring Apps service instance", + "name": "Microsoft.AppPlatform/Spring/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + }, + { + "description": "Get the Application Configuration Services for a specific Azure Spring Apps service instance", + "displayName": "Get Microsoft Azure Spring Apps Application Configuration Service", + "name": "Microsoft.AppPlatform/Spring/configurationServices/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + } + ], + "permittedDataActions": [ + { + "description": "Read the configuration content (for example, application-prod.yaml) pulled by Application Configuration Service for a specific Azure Spring Apps service instance", + "displayName": "Get configuration content of Application Configuration Service from Microsoft Azure Spring Apps", + "name": "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" + } + ], + "rawPermissions": [ + { + "actions": [ + "Microsoft.AppPlatform/Spring/read", + "Microsoft.AppPlatform/Spring/configurationServices/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [ + "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read" + ], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Allows for full access to Azure Messaging Catalog resources.", "hasExternal": false, @@ -1178984,52 +1181690,6 @@ } ] }, - { - "description": "Read content of config file pattern for Application Configuration Service in Azure Spring Apps", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Spring Apps Application Configuration Service Config File Pattern Reader Role", - "permittedActions": [ - { - "description": "Get Azure Spring Apps service instance(s)", - "displayName": "Get the details of an Azure Spring Apps service instance", - "name": "Microsoft.AppPlatform/Spring/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - }, - { - "description": "Get the Application Configuration Services for a specific Azure Spring Apps service instance", - "displayName": "Get Microsoft Azure Spring Apps Application Configuration Service", - "name": "Microsoft.AppPlatform/Spring/configurationServices/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - } - ], - "permittedDataActions": [ - { - "description": "Read the configuration content (for example, application-prod.yaml) pulled by Application Configuration Service for a specific Azure Spring Apps service instance", - "displayName": "Get configuration content of Application Configuration Service from Microsoft Azure Spring Apps", - "name": "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - } - ], - "rawPermissions": [ - { - "actions": [ - "Microsoft.AppPlatform/Spring/read", - "Microsoft.AppPlatform/Spring/configurationServices/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.AppPlatform/Spring/ApplicationConfigurationService/read" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Read only access to Azure hybrid database services resources.", "hasExternal": false, @@ -1179857,34 +1182517,6 @@ } ] }, - { - "description": "List instances for job executions in Azure Spring Apps", - "hasExternal": false, - "hasUnknown": false, - "name": "Azure Spring Apps Job Execution Instance List Role", - "permittedActions": [], - "permittedDataActions": [ - { - "description": "List instances of a specific job execution for a specific Azure Spring Apps service instance", - "displayName": "List instances of a specific job execution from Microsoft Azure Spring Apps", - "name": "Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action", - "providerDisplayName": "Microsoft Azure Spring Apps", - "providerName": "Microsoft.AppPlatform" - } - ], - "rawPermissions": [ - { - "actions": [], - "condition": null, - "conditionVersion": null, - "dataActions": [ - "Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action" - ], - "notActions": [], - "notDataActions": [] - } - ] - }, { "description": "Read real-time logs for jobs in Azure Spring Apps", "hasExternal": false, @@ -1179948,809 +1182580,28 @@ ] }, { - "description": "Read-only access to Nexus Network Fabric Service", + "description": "List instances for job executions in Azure Spring Apps", "hasExternal": false, "hasUnknown": false, - "name": "Nexus Network Fabric Service Reader", - "permittedActions": [ - { - "description": "read Operations", - "displayName": "read_Operations", - "name": "Microsoft.ManagedNetworkFabric/Operations/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Shows the provisioning status of Network Fabric Controller.", - "displayName": "NetworkFabricControllers_Get", - "name": "Microsoft.ManagedNetworkFabric/networkFabricControllers/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Lists all the NetworkFabricControllers by subscription.", - "displayName": "NetworkFabricControllers_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkFabricControllers/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "read OperationStatuses", - "displayName": "read_OperationStatuses", - "name": "Microsoft.ManagedNetworkFabric/Locations/OperationStatuses/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get Network Fabric resource details.", - "displayName": "NetworkFabrics_Get", - "name": "Microsoft.ManagedNetworkFabric/networkFabrics/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "List all the Network Fabric resources in the given subscription.", - "displayName": "NetworkFabrics_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkFabrics/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get Network Rack resource details.", - "displayName": "NetworkRacks_Get", - "name": "Microsoft.ManagedNetworkFabric/networkRacks/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "List all Network Rack resources in the given subscription", - "displayName": "NetworkRacks_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkRacks/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Gets the Network Device resource details.", - "displayName": "NetworkDevices_Get", - "name": "Microsoft.ManagedNetworkFabric/networkDevices/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "List all the Network Device resources in a given subscription.", - "displayName": "NetworkDevices_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkDevices/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the Network Interface resource details.", - "displayName": "NetworkInterfaces_Get", - "name": "Microsoft.ManagedNetworkFabric/networkDevices/networkInterfaces/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements L2 Isolation Domain GET method.", - "displayName": "L2IsolationDomains_Get", - "name": "Microsoft.ManagedNetworkFabric/l2IsolationDomains/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays L2IsolationDomains list by subscription GET method.", - "displayName": "L2IsolationDomains_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/l2IsolationDomains/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Retrieves details of this L3 Isolation Domain.", - "displayName": "L3IsolationDomains_Get", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays L3IsolationDomains list by subscription GET method.", - "displayName": "L3IsolationDomains_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Access Control List GET method.", - "displayName": "AccessControlLists_Get", - "name": "Microsoft.ManagedNetworkFabric/accessControlLists/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements AccessControlLists list by subscription GET method.", - "displayName": "AccessControlLists_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/accessControlLists/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Route Policy GET method.", - "displayName": "RoutePolicies_Get", - "name": "Microsoft.ManagedNetworkFabric/routePolicies/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements RoutePolicies list by subscription GET method.", - "displayName": "RoutePolicies_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/routePolicies/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements ExternalNetworks GET method.", - "displayName": "ExternalNetworks_Get", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/externalNetworks/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Gets a InternalNetworks.", - "displayName": "InternalNetworks_Get", - "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/internalNetworks/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements NetworkToNetworkInterconnects GET method.", - "displayName": "NetworkToNetworkInterconnects_Get", - "name": "Microsoft.ManagedNetworkFabric/networkFabrics/networkToNetworkInterconnects/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements an IP Community GET method.", - "displayName": "IpCommunities_Get", - "name": "Microsoft.ManagedNetworkFabric/ipCommunities/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IP Communities list by subscription GET method.", - "displayName": "IpCommunities_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/ipCommunities/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IP Extended Community GET method.", - "displayName": "IpExtendedCommunities_Get", - "name": "Microsoft.ManagedNetworkFabric/ipExtendedCommunities/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IpExtendedCommunities list by subscription GET method.", - "displayName": "IpExtendedCommunities_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/ipExtendedCommunities/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IP Prefix GET method.", - "displayName": "IpPrefixes_Get", - "name": "Microsoft.ManagedNetworkFabric/ipPrefixes/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IpPrefixes list by subscription GET method.", - "displayName": "IpPrefixes_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/ipPrefixes/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Gateway GET method.", - "displayName": "InternetGateways_Get", - "name": "Microsoft.ManagedNetworkFabric/internetGateways/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays Internet Gateways list by subscription GET method.", - "displayName": "InternetGateways_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/internetGateways/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Gets an Internet Gateway Rule resource.", - "displayName": "InternetGatewayRules_Get", - "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "List all Internet Gateway rules in the given subscription.", - "displayName": "InternetGatewayRules_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Retrieves details of this Network Packet Broker.", - "displayName": "NetworkPacketBrokers_Get", - "name": "Microsoft.ManagedNetworkFabric/networkPacketBrokers/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays Network Packet Brokers list by subscription GET method.", - "displayName": "NetworkPacketBrokers_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkPacketBrokers/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Retrieves details of this Network Tap.", - "displayName": "NetworkTaps_Get", - "name": "Microsoft.ManagedNetworkFabric/networkTaps/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays Network Taps list by subscription GET method.", - "displayName": "NetworkTaps_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkTaps/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get Network Tap Rule resource details.", - "displayName": "NetworkTapRules_Get", - "name": "Microsoft.ManagedNetworkFabric/networkTapRules/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "List all the Network Tap Rule resources in the given subscription.", - "displayName": "NetworkTapRules_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/networkTapRules/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Gets the Neighbor Group.", - "displayName": "NeighborGroups_Get", - "name": "Microsoft.ManagedNetworkFabric/neighborGroups/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays NeighborGroups list by subscription GET method.", - "displayName": "NeighborGroups_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/neighborGroups/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Ip Community List GET method.", - "displayName": "IpCommunityLists_Get", - "name": "Microsoft.ManagedNetworkFabric/ipCommunityLists/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IpCommunityLists list by subscription GET method.", - "displayName": "IpCommunityLists_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/ipCommunityLists/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements Ip Prefix List GET method.", - "displayName": "IpPrefixLists_Get", - "name": "Microsoft.ManagedNetworkFabric/ipPrefixLists/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements IpPrefixLists list by subscription GET method.", - "displayName": "IpPrefixLists_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/ipPrefixLists/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Reads registered subscriptions", - "displayName": "Gets/Lists registered subscriptions", - "name": "Microsoft.ManagedNetworkFabric/registeredSubscriptions/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NfaDevices resource details.", - "displayName": "NfaDevices_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfadevices/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the FileInject resource details.", - "displayName": "FileInjects_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/fileinjects/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the OcRawConfig resource details.", - "displayName": "OcRawConfigs_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/ocrawconfigs/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the SSHCommand resource details.", - "displayName": "SSHCommands_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/sshcommands/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the GNOIOperation resource details.", - "displayName": "GNOIOperations_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoioperations/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NetworkFabricInfo resource details.", - "displayName": "NetworkFabricInfos_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricinfos/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NetworkFabricConfigurationInfo resource details.", - "displayName": "NetworkFabricConfigurationInfo_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricconfigurationinfos/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the IdentityWebhooks resource details.", - "displayName": "IdentityWebhooks_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/identitywebhooks/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NetworkCloudS2S resource details.", - "displayName": "NetworkCloudS2S_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkclouds2s/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NetworkCloudS2S resource details.", - "displayName": "NetworkCloudS2S_Get", - "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/networkclouds2s/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NetworkCloudS2S resource details.", - "displayName": "NetworkCloudS2S_Get", - "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/networkclouds2s/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NetworkCloudController resource details.", - "displayName": "NetworkCloudControllers_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/networkcloudcontrollers/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the Gateway resource details.", - "displayName": "Gateway_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/gateway/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the l2isolationdomaininfos resource details.", - "displayName": "L2isolationDomainInfos_Get", - "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/l2isolationdomaininfos/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the L3isolationDomainInfos resource details.", - "displayName": "L3isolationDomainInfos_Get", - "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/l3isolationdomaininfos/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Implements internetgatewayactions GET method.", - "displayName": "internetgatewayactions_Get", - "name": "Microsoft.ManagedNetworkFabric/internetGateways/internetgatewayactions/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Displays Internet Gateways internal resource internetgatewayactions list by subscription GET method.", - "displayName": "internetgatewayactions_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/internetGateways/internetgatewayactions/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Gets an internal internet gateway rule actions resource.", - "displayName": "internetgatewayruleactions_Get", - "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/internetgatewayruleactions/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "List all internal internet gateway rule actions resource in the given subscription.", - "displayName": "internetgatewayruleactions_ListBySubscription", - "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/internetgatewayruleactions/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the GNOIMaintenance resource details.", - "displayName": "GNOIMaintenances_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoimaintenances/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the igwinfos resource details.", - "displayName": "igwinfos_Get", - "name": "Microsoft.ManagedNetworkFabric/internetgateways/igwinfos/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NfaExtensionDebug resource details.", - "displayName": "NfaExtensionDebug_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfaextensiondebug/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Get the NfaExtensionDebug resource details.", - "displayName": "NfaExtensionDebug_Get", - "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/nfaextensiondebug/read", - "providerDisplayName": "Microsoft.ManagedNetworkFabric", - "providerName": "Microsoft.ManagedNetworkFabric" - }, - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, + "name": "Azure Spring Apps Job Execution Instance List Role", + "permittedActions": [], + "permittedDataActions": [ { - "description": "Gets or lists resource groups.", - "displayName": "Get Resource Group", - "name": "Microsoft.Resources/subscriptions/resourceGroups/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" + "description": "List instances of a specific job execution for a specific Azure Spring Apps service instance", + "displayName": "List instances of a specific job execution from Microsoft Azure Spring Apps", + "name": "Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action", + "providerDisplayName": "Microsoft Azure Spring Apps", + "providerName": "Microsoft.AppPlatform" } ], - "permittedDataActions": [], "rawPermissions": [ { - "actions": [ - "Microsoft.ManagedNetworkFabric/*/read", - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read" - ], + "actions": [], "condition": null, "conditionVersion": null, - "dataActions": [], + "dataActions": [ + "Microsoft.AppPlatform/Spring/jobs/executions/listInstances/action" + ], "notActions": [], "notDataActions": [] } @@ -1181882,11 +1183733,487 @@ ] }, { - "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", + "description": "Read-only access to Nexus Network Fabric Service", "hasExternal": false, "hasUnknown": false, - "name": "Azure Deployment Stack Contributor", + "name": "Nexus Network Fabric Service Reader", "permittedActions": [ + { + "description": "read Operations", + "displayName": "read_Operations", + "name": "Microsoft.ManagedNetworkFabric/Operations/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Shows the provisioning status of Network Fabric Controller.", + "displayName": "NetworkFabricControllers_Get", + "name": "Microsoft.ManagedNetworkFabric/networkFabricControllers/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Lists all the NetworkFabricControllers by subscription.", + "displayName": "NetworkFabricControllers_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkFabricControllers/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "read OperationStatuses", + "displayName": "read_OperationStatuses", + "name": "Microsoft.ManagedNetworkFabric/Locations/OperationStatuses/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get Network Fabric resource details.", + "displayName": "NetworkFabrics_Get", + "name": "Microsoft.ManagedNetworkFabric/networkFabrics/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "List all the Network Fabric resources in the given subscription.", + "displayName": "NetworkFabrics_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkFabrics/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get Network Rack resource details.", + "displayName": "NetworkRacks_Get", + "name": "Microsoft.ManagedNetworkFabric/networkRacks/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "List all Network Rack resources in the given subscription", + "displayName": "NetworkRacks_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkRacks/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Gets the Network Device resource details.", + "displayName": "NetworkDevices_Get", + "name": "Microsoft.ManagedNetworkFabric/networkDevices/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "List all the Network Device resources in a given subscription.", + "displayName": "NetworkDevices_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkDevices/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the Network Interface resource details.", + "displayName": "NetworkInterfaces_Get", + "name": "Microsoft.ManagedNetworkFabric/networkDevices/networkInterfaces/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements L2 Isolation Domain GET method.", + "displayName": "L2IsolationDomains_Get", + "name": "Microsoft.ManagedNetworkFabric/l2IsolationDomains/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays L2IsolationDomains list by subscription GET method.", + "displayName": "L2IsolationDomains_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/l2IsolationDomains/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Retrieves details of this L3 Isolation Domain.", + "displayName": "L3IsolationDomains_Get", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays L3IsolationDomains list by subscription GET method.", + "displayName": "L3IsolationDomains_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Access Control List GET method.", + "displayName": "AccessControlLists_Get", + "name": "Microsoft.ManagedNetworkFabric/accessControlLists/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements AccessControlLists list by subscription GET method.", + "displayName": "AccessControlLists_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/accessControlLists/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Route Policy GET method.", + "displayName": "RoutePolicies_Get", + "name": "Microsoft.ManagedNetworkFabric/routePolicies/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements RoutePolicies list by subscription GET method.", + "displayName": "RoutePolicies_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/routePolicies/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements ExternalNetworks GET method.", + "displayName": "ExternalNetworks_Get", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/externalNetworks/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Gets a InternalNetworks.", + "displayName": "InternalNetworks_Get", + "name": "Microsoft.ManagedNetworkFabric/l3IsolationDomains/internalNetworks/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements NetworkToNetworkInterconnects GET method.", + "displayName": "NetworkToNetworkInterconnects_Get", + "name": "Microsoft.ManagedNetworkFabric/networkFabrics/networkToNetworkInterconnects/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements an IP Community GET method.", + "displayName": "IpCommunities_Get", + "name": "Microsoft.ManagedNetworkFabric/ipCommunities/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IP Communities list by subscription GET method.", + "displayName": "IpCommunities_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/ipCommunities/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IP Extended Community GET method.", + "displayName": "IpExtendedCommunities_Get", + "name": "Microsoft.ManagedNetworkFabric/ipExtendedCommunities/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IpExtendedCommunities list by subscription GET method.", + "displayName": "IpExtendedCommunities_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/ipExtendedCommunities/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IP Prefix GET method.", + "displayName": "IpPrefixes_Get", + "name": "Microsoft.ManagedNetworkFabric/ipPrefixes/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IpPrefixes list by subscription GET method.", + "displayName": "IpPrefixes_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/ipPrefixes/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Gateway GET method.", + "displayName": "InternetGateways_Get", + "name": "Microsoft.ManagedNetworkFabric/internetGateways/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays Internet Gateways list by subscription GET method.", + "displayName": "InternetGateways_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/internetGateways/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Gets an Internet Gateway Rule resource.", + "displayName": "InternetGatewayRules_Get", + "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "List all Internet Gateway rules in the given subscription.", + "displayName": "InternetGatewayRules_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Retrieves details of this Network Packet Broker.", + "displayName": "NetworkPacketBrokers_Get", + "name": "Microsoft.ManagedNetworkFabric/networkPacketBrokers/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays Network Packet Brokers list by subscription GET method.", + "displayName": "NetworkPacketBrokers_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkPacketBrokers/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Retrieves details of this Network Tap.", + "displayName": "NetworkTaps_Get", + "name": "Microsoft.ManagedNetworkFabric/networkTaps/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays Network Taps list by subscription GET method.", + "displayName": "NetworkTaps_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkTaps/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get Network Tap Rule resource details.", + "displayName": "NetworkTapRules_Get", + "name": "Microsoft.ManagedNetworkFabric/networkTapRules/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "List all the Network Tap Rule resources in the given subscription.", + "displayName": "NetworkTapRules_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/networkTapRules/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Gets the Neighbor Group.", + "displayName": "NeighborGroups_Get", + "name": "Microsoft.ManagedNetworkFabric/neighborGroups/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays NeighborGroups list by subscription GET method.", + "displayName": "NeighborGroups_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/neighborGroups/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Ip Community List GET method.", + "displayName": "IpCommunityLists_Get", + "name": "Microsoft.ManagedNetworkFabric/ipCommunityLists/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IpCommunityLists list by subscription GET method.", + "displayName": "IpCommunityLists_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/ipCommunityLists/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements Ip Prefix List GET method.", + "displayName": "IpPrefixLists_Get", + "name": "Microsoft.ManagedNetworkFabric/ipPrefixLists/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements IpPrefixLists list by subscription GET method.", + "displayName": "IpPrefixLists_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/ipPrefixLists/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Reads registered subscriptions", + "displayName": "Gets/Lists registered subscriptions", + "name": "Microsoft.ManagedNetworkFabric/registeredSubscriptions/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NfaDevices resource details.", + "displayName": "NfaDevices_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfadevices/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the FileInject resource details.", + "displayName": "FileInjects_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/fileinjects/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the OcRawConfig resource details.", + "displayName": "OcRawConfigs_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/ocrawconfigs/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the SSHCommand resource details.", + "displayName": "SSHCommands_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/sshcommands/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the GNOIOperation resource details.", + "displayName": "GNOIOperations_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoioperations/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NetworkFabricInfo resource details.", + "displayName": "NetworkFabricInfos_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricinfos/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NetworkFabricConfigurationInfo resource details.", + "displayName": "NetworkFabricConfigurationInfo_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkfabricconfigurationinfos/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the IdentityWebhooks resource details.", + "displayName": "IdentityWebhooks_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/identitywebhooks/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NetworkCloudS2S resource details.", + "displayName": "NetworkCloudS2S_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/networkclouds2s/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NetworkCloudS2S resource details.", + "displayName": "NetworkCloudS2S_Get", + "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/networkclouds2s/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NetworkCloudS2S resource details.", + "displayName": "NetworkCloudS2S_Get", + "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/networkclouds2s/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NetworkCloudController resource details.", + "displayName": "NetworkCloudControllers_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/networkcloudcontrollers/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the Gateway resource details.", + "displayName": "Gateway_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/gateway/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the l2isolationdomaininfos resource details.", + "displayName": "L2isolationDomainInfos_Get", + "name": "Microsoft.ManagedNetworkFabric/l2isolationdomains/l2isolationdomaininfos/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the L3isolationDomainInfos resource details.", + "displayName": "L3isolationDomainInfos_Get", + "name": "Microsoft.ManagedNetworkFabric/l3isolationdomains/l3isolationdomaininfos/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Implements internetgatewayactions GET method.", + "displayName": "internetgatewayactions_Get", + "name": "Microsoft.ManagedNetworkFabric/internetGateways/internetgatewayactions/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Displays Internet Gateways internal resource internetgatewayactions list by subscription GET method.", + "displayName": "internetgatewayactions_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/internetGateways/internetgatewayactions/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Gets an internal internet gateway rule actions resource.", + "displayName": "internetgatewayruleactions_Get", + "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/internetgatewayruleactions/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "List all internal internet gateway rule actions resource in the given subscription.", + "displayName": "internetgatewayruleactions_ListBySubscription", + "name": "Microsoft.ManagedNetworkFabric/internetGatewayRules/internetgatewayruleactions/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the GNOIMaintenance resource details.", + "displayName": "GNOIMaintenances_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/gnoimaintenances/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the igwinfos resource details.", + "displayName": "igwinfos_Get", + "name": "Microsoft.ManagedNetworkFabric/internetgateways/igwinfos/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NfaExtensionDebug resource details.", + "displayName": "NfaExtensionDebug_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabrics/nfaextensiondebug/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, + { + "description": "Get the NfaExtensionDebug resource details.", + "displayName": "NfaExtensionDebug_Get", + "name": "Microsoft.ManagedNetworkFabric/networkfabriccontrollers/nfaextensiondebug/read", + "providerDisplayName": "Microsoft.ManagedNetworkFabric", + "providerName": "Microsoft.ManagedNetworkFabric" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1182194,32 +1184521,17 @@ "name": "Microsoft.Resources/subscriptions/resourceGroups/read", "providerDisplayName": "Microsoft Resources", "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates a deployment stack", - "displayName": "Write deployment stack", - "name": "Microsoft.Resources/deploymentStacks/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment stacks", - "displayName": "Read deployment stack", - "name": "Microsoft.Resources/deploymentStacks/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], "rawPermissions": [ { "actions": [ + "Microsoft.ManagedNetworkFabric/*/read", "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", "Microsoft.Resources/deployments/*", - "Microsoft.Resources/subscriptions/resourceGroups/read", - "Microsoft.Resources/deploymentStacks/write", - "Microsoft.Resources/deploymentStacks/read" + "Microsoft.Resources/subscriptions/resourceGroups/read" ], "condition": null, "conditionVersion": null, @@ -1182590,6 +1184902,354 @@ } ] }, + { + "description": "Allows a user to manage deployment stacks, but cannot create or delete deny assignments within the deployment stack.", + "hasExternal": false, + "hasUnknown": false, + "name": "Azure Deployment Stack Contributor", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists resource groups.", + "displayName": "Get Resource Group", + "name": "Microsoft.Resources/subscriptions/resourceGroups/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates a deployment stack", + "displayName": "Write deployment stack", + "name": "Microsoft.Resources/deploymentStacks/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment stacks", + "displayName": "Read deployment stack", + "name": "Microsoft.Resources/deploymentStacks/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Resources/deploymentStacks/write", + "Microsoft.Resources/deploymentStacks/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Read real-time logs for Spring Cloud Config Server in Azure Spring Apps", "hasExternal": false, @@ -1182733,10 +1185393,10 @@ ] }, { - "description": "Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.", + "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing.", "hasExternal": false, "hasUnknown": false, - "name": "ACR Repository Writer", + "name": "ACR Repository Reader", "permittedActions": [], "permittedDataActions": [ { @@ -1182752,20 +1185412,6 @@ "name": "Microsoft.ContainerRegistry/registries/repositories/content/read", "providerDisplayName": "Microsoft ContainerRegistry", "providerName": "Microsoft.ContainerRegistry" - }, - { - "description": "Updates the metadata of a repository for a container registry", - "displayName": "Update metadata of a repository for a container registry", - "name": "Microsoft.ContainerRegistry/registries/repositories/metadata/write", - "providerDisplayName": "Microsoft ContainerRegistry", - "providerName": "Microsoft.ContainerRegistry" - }, - { - "description": "Push or Write images to a container registry.", - "displayName": "Push images to container registry.", - "name": "Microsoft.ContainerRegistry/registries/repositories/content/write", - "providerDisplayName": "Microsoft ContainerRegistry", - "providerName": "Microsoft.ContainerRegistry" } ], "rawPermissions": [ @@ -1182775,9 +1185421,7 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read", - "Microsoft.ContainerRegistry/registries/repositories/metadata/write", - "Microsoft.ContainerRegistry/registries/repositories/content/write" + "Microsoft.ContainerRegistry/registries/repositories/content/read" ], "notActions": [], "notDataActions": [] @@ -1182785,10 +1185429,10 @@ ] }, { - "description": "Allows for read access to Azure Container Registry repositories, but excluding catalog listing.", + "description": "Allows for read and write access to Azure Container Registry repositories, but excluding catalog listing.", "hasExternal": false, "hasUnknown": false, - "name": "ACR Repository Reader", + "name": "ACR Repository Writer", "permittedActions": [], "permittedDataActions": [ { @@ -1182804,6 +1185448,20 @@ "name": "Microsoft.ContainerRegistry/registries/repositories/content/read", "providerDisplayName": "Microsoft ContainerRegistry", "providerName": "Microsoft.ContainerRegistry" + }, + { + "description": "Updates the metadata of a repository for a container registry", + "displayName": "Update metadata of a repository for a container registry", + "name": "Microsoft.ContainerRegistry/registries/repositories/metadata/write", + "providerDisplayName": "Microsoft ContainerRegistry", + "providerName": "Microsoft.ContainerRegistry" + }, + { + "description": "Push or Write images to a container registry.", + "displayName": "Push images to container registry.", + "name": "Microsoft.ContainerRegistry/registries/repositories/content/write", + "providerDisplayName": "Microsoft ContainerRegistry", + "providerName": "Microsoft.ContainerRegistry" } ], "rawPermissions": [ @@ -1182813,7 +1185471,9 @@ "conditionVersion": null, "dataActions": [ "Microsoft.ContainerRegistry/registries/repositories/metadata/read", - "Microsoft.ContainerRegistry/registries/repositories/content/read" + "Microsoft.ContainerRegistry/registries/repositories/content/read", + "Microsoft.ContainerRegistry/registries/repositories/metadata/write", + "Microsoft.ContainerRegistry/registries/repositories/content/write" ], "notActions": [], "notDataActions": [] @@ -1184555,11 +1187215,25 @@ ] }, { - "description": "Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.", + "description": "Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.", "hasExternal": false, "hasUnknown": false, - "name": "ProviderHub Reader", + "name": "ProviderHub Contributor", "permittedActions": [ + { + "description": "Registers the subscription for the Microsoft ProviderHub resource provider and enables the creation of Microsoft ProviderHub resources.", + "displayName": "Registers the Microsoft ProviderHub Resource Provider", + "name": "Microsoft.ProviderHub/register/action", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "UnRegisters the subscription for the Microsoft ProviderHub resource provider and enables the creation of Microsoft ProviderHub.", + "displayName": "UnRegisters the Microsoft ProviderHub Resource Provider", + "name": "Microsoft.ProviderHub/unregister/action", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, { "description": "Read provider registrations", "displayName": "Gets/List provider registrations resources", @@ -1184567,6 +1187241,34 @@ "providerDisplayName": "Microsoft.ProviderHub", "providerName": "Microsoft.ProviderHub" }, + { + "description": "Writes provider registrations", + "displayName": "Create/update provider registrations resources", + "name": "Microsoft.ProviderHub/providerRegistrations/Write", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "Deletes provider registrations", + "displayName": "Deletes provider registrations resource", + "name": "Microsoft.ProviderHub/providerRegistrations/Delete", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "Generates the manifest for the resource provider", + "displayName": "Generates the manifest for the registered resource provider", + "name": "Microsoft.ProviderHub/providerRegistrations/generateManifest/Action", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "Writes provider registrations available account", + "displayName": "Create/update provider registrations available account", + "name": "Microsoft.ProviderHub/availableAccounts/Write", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, { "description": "Read resource type registrations", "displayName": "Gets/List resource type registrations resources", @@ -1184574,6 +1187276,20 @@ "providerDisplayName": "Microsoft.ProviderHub", "providerName": "Microsoft.ProviderHub" }, + { + "description": "Writes resource type registrations", + "displayName": "Create/update resource type registrations resources", + "name": "Microsoft.ProviderHub/providerRegistrations/resourcetypeRegistrations/Write", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "Deletes resource type registrations", + "displayName": "Deletes resource type registrations resource", + "name": "Microsoft.ProviderHub/providerRegistrations/resourcetypeRegistrations/Delete", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, { "description": "Read operations API", "displayName": "Gets/List operations API resources", @@ -1184581,6 +1187297,27 @@ "providerDisplayName": "Microsoft.ProviderHub", "providerName": "Microsoft.ProviderHub" }, + { + "description": "Writes operations API", + "displayName": "Create/update operations API registrations resources", + "name": "Microsoft.ProviderHub/providerRegistrations/operations/Write", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "Deletes operations API", + "displayName": "Deletes operations API registrations resource", + "name": "Microsoft.ProviderHub/providerRegistrations/operations/Delete", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, + { + "description": "Writes subscription resources", + "displayName": "Create/update subscriptions resources", + "name": "Microsoft.ProviderHub/providerRegistrations/subscriptions/Write", + "providerDisplayName": "Microsoft.ProviderHub", + "providerName": "Microsoft.ProviderHub" + }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1184770,6 +1187507,118 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, { "description": "Gets or lists resource groups.", "displayName": "Get Resource Group", @@ -1184789,8 +1187638,10 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ProviderHub/*/read", + "Microsoft.ProviderHub/*", "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.ResourceHealth/availabilityStatuses/read" ], @@ -1184803,25 +1187654,11 @@ ] }, { - "description": "Allows you to create and manage Microsoft.ProviderHub resources through the Resource Provider Platform. Does not allow you to assign roles in Azure RBAC.", + "description": "Allows you to view all Microsoft.ProviderHub resources created through the Resource Provider Platform, but does not allow you to make any changes to the resources.", "hasExternal": false, "hasUnknown": false, - "name": "ProviderHub Contributor", + "name": "ProviderHub Reader", "permittedActions": [ - { - "description": "Registers the subscription for the Microsoft ProviderHub resource provider and enables the creation of Microsoft ProviderHub resources.", - "displayName": "Registers the Microsoft ProviderHub Resource Provider", - "name": "Microsoft.ProviderHub/register/action", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "UnRegisters the subscription for the Microsoft ProviderHub resource provider and enables the creation of Microsoft ProviderHub.", - "displayName": "UnRegisters the Microsoft ProviderHub Resource Provider", - "name": "Microsoft.ProviderHub/unregister/action", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, { "description": "Read provider registrations", "displayName": "Gets/List provider registrations resources", @@ -1184829,34 +1187666,6 @@ "providerDisplayName": "Microsoft.ProviderHub", "providerName": "Microsoft.ProviderHub" }, - { - "description": "Writes provider registrations", - "displayName": "Create/update provider registrations resources", - "name": "Microsoft.ProviderHub/providerRegistrations/Write", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "Deletes provider registrations", - "displayName": "Deletes provider registrations resource", - "name": "Microsoft.ProviderHub/providerRegistrations/Delete", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "Generates the manifest for the resource provider", - "displayName": "Generates the manifest for the registered resource provider", - "name": "Microsoft.ProviderHub/providerRegistrations/generateManifest/Action", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "Writes provider registrations available account", - "displayName": "Create/update provider registrations available account", - "name": "Microsoft.ProviderHub/availableAccounts/Write", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, { "description": "Read resource type registrations", "displayName": "Gets/List resource type registrations resources", @@ -1184864,20 +1187673,6 @@ "providerDisplayName": "Microsoft.ProviderHub", "providerName": "Microsoft.ProviderHub" }, - { - "description": "Writes resource type registrations", - "displayName": "Create/update resource type registrations resources", - "name": "Microsoft.ProviderHub/providerRegistrations/resourcetypeRegistrations/Write", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "Deletes resource type registrations", - "displayName": "Deletes resource type registrations resource", - "name": "Microsoft.ProviderHub/providerRegistrations/resourcetypeRegistrations/Delete", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, { "description": "Read operations API", "displayName": "Gets/List operations API resources", @@ -1184885,27 +1187680,6 @@ "providerDisplayName": "Microsoft.ProviderHub", "providerName": "Microsoft.ProviderHub" }, - { - "description": "Writes operations API", - "displayName": "Create/update operations API registrations resources", - "name": "Microsoft.ProviderHub/providerRegistrations/operations/Write", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "Deletes operations API", - "displayName": "Deletes operations API registrations resource", - "name": "Microsoft.ProviderHub/providerRegistrations/operations/Delete", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, - { - "description": "Writes subscription resources", - "displayName": "Create/update subscriptions resources", - "name": "Microsoft.ProviderHub/providerRegistrations/subscriptions/Write", - "providerDisplayName": "Microsoft.ProviderHub", - "providerName": "Microsoft.ProviderHub" - }, { "description": "Reads the administrators for the subscription.", "displayName": "Get administrator", @@ -1185095,118 +1187869,6 @@ "providerDisplayName": "Microsoft Authorization", "providerName": "Microsoft.Authorization" }, - { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, { "description": "Gets or lists resource groups.", "displayName": "Get Resource Group", @@ -1185226,10 +1187888,8 @@ "rawPermissions": [ { "actions": [ - "Microsoft.ProviderHub/*", + "Microsoft.ProviderHub/*/read", "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.ResourceHealth/availabilityStatuses/read" ], @@ -1188558,6 +1191218,567 @@ } ] }, + { + "description": "Read access to ContainerApps jobs", + "hasExternal": false, + "hasUnknown": false, + "name": "Container Apps Jobs Reader", + "permittedActions": [ + { + "description": "Get a Container Apps Job", + "displayName": "Read Container Apps Job", + "name": "microsoft.app/jobs/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Container Apps Job's execution history", + "displayName": "Get a Container Apps Job's execution history", + "name": "microsoft.app/jobs/executions/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a single execution from a Container Apps Job", + "displayName": "Get a single execution from a Container Apps Job", + "name": "microsoft.app/jobs/execution/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Managed Environment", + "displayName": "Read Managed Environment", + "name": "microsoft.app/managedenvironments/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "microsoft.app/jobs/read", + "Microsoft.App/jobs/*/read", + "Microsoft.App/managedenvironments/read" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, + { + "description": "Full management of Container Apps, including creation, deletion, and updates.", + "hasExternal": false, + "hasUnknown": false, + "name": "Container Apps Contributor", + "permittedActions": [ + { + "description": "Reads the administrators for the subscription.", + "displayName": "Get administrator", + "name": "Microsoft.Authorization/classicAdministrators/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role assignment.", + "displayName": "Get role assignment", + "name": "Microsoft.Authorization/roleAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Lists all the permissions the caller has at a given scope.", + "displayName": "List permissions", + "name": "Microsoft.Authorization/permissions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets locks at the specified scope.", + "displayName": "Get management locks", + "name": "Microsoft.Authorization/locks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a role definition.", + "displayName": "Get role definition", + "name": "Microsoft.Authorization/roleDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get operations for all resource providers which can be used in role definitions.", + "displayName": "Get operations for resource providers", + "name": "Microsoft.Authorization/providerOperations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy set definition.", + "displayName": "Get policy set definition", + "name": "Microsoft.Authorization/policySetDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy definition.", + "displayName": "Get policy definition", + "name": "Microsoft.Authorization/policyDefinitions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy assignment.", + "displayName": "Get policy assignment", + "name": "Microsoft.Authorization/policyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the list of operations", + "displayName": "Get operations", + "name": "Microsoft.Authorization/operations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the administrator opreation statuses of the subscription.", + "displayName": "Get administrator operation statuses", + "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a deny assignment.", + "displayName": "Get deny assignment", + "name": "Microsoft.Authorization/denyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about resource management private link.", + "displayName": "Get Resource Management Private Link", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection proxy.", + "displayName": "Get Private Endpoint Connection Proxy", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private endpoint connection.", + "displayName": "Get Private Endpoint Connection", + "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about private link association.", + "displayName": "Get Private Link Association", + "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get information about a policy exemption.", + "displayName": "Get policy exemption", + "name": "Microsoft.Authorization/policyExemptions/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule requests at given scope.", + "displayName": "Get Role assignment schedule request", + "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule requests at given scope.", + "displayName": "Get Role eligibility schedule request", + "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedules at given scope.", + "displayName": "Get Role assignment schedule", + "name": "Microsoft.Authorization/roleAssignmentSchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedules at given scope.", + "displayName": "Get Role eligibility schedule", + "name": "Microsoft.Authorization/roleEligibilitySchedules/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role assignment schedule instances at given scope.", + "displayName": "Get Role assignment schedule instance", + "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Gets the role eligibility schedule instances at given scope.", + "displayName": "Get Role eligibility schedule instance", + "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get Role management policies", + "displayName": "Get Role management policy", + "name": "Microsoft.Authorization/roleManagementPolicies/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get role management policy assignments", + "displayName": "Get Role management policy assignment", + "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Read the information about diagnostics settings", + "displayName": "Get information about diagnostics settings", + "name": "Microsoft.Authorization/diagnosticSettings/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Get the information about diagnostic settings categories", + "displayName": "Read the information about diagnostic settings categories", + "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", + "providerDisplayName": "Microsoft Authorization", + "providerName": "Microsoft.Authorization" + }, + { + "description": "Create or update a classic metric alert", + "displayName": "Create or update classic metric alert", + "name": "Microsoft.Insights/AlertRules/Write", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Delete a classic metric alert", + "displayName": "Delete classic metric alert", + "name": "Microsoft.Insights/AlertRules/Delete", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert", + "displayName": "Read classic metric alert", + "name": "Microsoft.Insights/AlertRules/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert activated", + "displayName": "Classic metric alert activated", + "name": "Microsoft.Insights/AlertRules/Activated/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert resolved", + "displayName": "Classic metric alert resolved", + "name": "Microsoft.Insights/AlertRules/Resolved/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Classic metric alert rule throttled", + "displayName": "Classic metric alert rule throttled", + "name": "Microsoft.Insights/AlertRules/Throttled/Action", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Read a classic metric alert incident", + "displayName": "Read classic metric alert incidents", + "name": "Microsoft.Insights/AlertRules/Incidents/Read", + "providerDisplayName": "Microsoft Azure Monitor", + "providerName": "Microsoft.Insights" + }, + { + "description": "Get revision of a container app", + "displayName": "Read Container App Revision", + "name": "microsoft.app/containerapps/revisions/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get replica of a container app revision", + "displayName": "Read Container App Revision Replica", + "name": "microsoft.app/containerapps/revisions/replicas/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get auth config of a container app", + "displayName": "Read Container App Auth Configuration", + "name": "microsoft.app/containerapps/authconfigs/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Container App Source Control Configuration", + "displayName": "Get Container App Source Control", + "name": "microsoft.app/containerapps/sourcecontrols/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get detector of a container app", + "displayName": "Read Container App Detector", + "name": "microsoft.app/containerapps/detectors/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Create or update auth config of a container app", + "displayName": "Create or Update Container App Auth Configuration", + "name": "microsoft.app/containerapps/authconfigs/write", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Create or Update Container App Source Control Configuration", + "displayName": "Create or Update Container App Source Control", + "name": "microsoft.app/containerapps/sourcecontrols/write", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Delete auth config of a container app", + "displayName": "Delete Container App Auth Configuration", + "name": "microsoft.app/containerapps/authconfigs/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Delete Container App Source Control Configuration", + "displayName": "Delete Container App Source Control", + "name": "microsoft.app/containerapps/sourcecontrols/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "List secrets of a container app", + "displayName": "List Container App Secrets", + "name": "microsoft.app/containerapps/listsecrets/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "List custom host name analysis result", + "displayName": "List Container App Custom Host Name Anaylysis", + "name": "microsoft.app/containerapps/listcustomhostnameanalysis/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop a Container App", + "displayName": "Stop Container App", + "name": "microsoft.app/containerapps/stop/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Start a Container App", + "displayName": "Start Container App", + "name": "microsoft.app/containerapps/start/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container. This operation will be deprecated soon.", + "displayName": "Auth Token for Container App Dev APIs", + "name": "microsoft.app/containerapps/authtoken/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container.", + "displayName": "Auth Token for Container App Dev APIs", + "name": "microsoft.app/containerapps/getauthtoken/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Restart a container app revision", + "displayName": "Restart Container App Revision", + "name": "microsoft.app/containerapps/revisions/restart/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Activate a container app revision", + "displayName": "Activate Container App Revision", + "name": "microsoft.app/containerapps/revisions/activate/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Deactivate a container app revision", + "displayName": "Deactivate Container App Revision", + "name": "microsoft.app/containerapps/revisions/deactivate/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Managed Environment", + "displayName": "Read Managed Environment", + "name": "microsoft.app/managedenvironments/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Managed Environment's Certificate", + "displayName": "Read Managed Environment Certificate", + "name": "microsoft.app/managedenvironments/certificates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get storage for a Managed Environment.", + "displayName": "Read Managed Environment Storage.", + "name": "microsoft.app/managedenvironments/storages/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Managed Environment Dapr Component", + "displayName": "Read Managed Environment Dapr Component", + "name": "microsoft.app/managedenvironments/daprcomponents/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get detector of a managed environment", + "displayName": "Read Managed Environment Detector", + "name": "microsoft.app/managedenvironments/detectors/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Current Workload Profile States", + "displayName": "Read Current Workload Profile State", + "name": "microsoft.app/managedenvironments/workloadprofilestates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Managed Certificate in Managed Environment", + "displayName": "Read Managed Certificate in Managed Environment", + "name": "microsoft.app/managedenvironments/managedcertificates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get Quota Usages in a Managed Environment", + "displayName": "Read Managed Environment Quota Usages", + "name": "microsoft.app/managedenvironments/usages/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Allows to create a Container App in a Managed Environment", + "displayName": "Join Managed Environment", + "name": "microsoft.app/managedenvironments/join/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Check reource name availability for a Managed Environment", + "displayName": "Check Managed Environment Name Availability", + "name": "microsoft.app/managedenvironments/checknameavailability/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Connected Environment", + "displayName": "Read Connected Environment", + "name": "microsoft.app/connectedenvironments/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get storage for a Connected Environment.", + "displayName": "Read Connected Environment Storage.", + "name": "microsoft.app/connectedenvironments/storages/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Read Connected Environment Dapr Component", + "displayName": "Read Connected Environment Dapr Component", + "name": "microsoft.app/connectedenvironments/daprcomponents/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Connected Environment's Certificate", + "displayName": "Read Connected Environment Certificate", + "name": "microsoft.app/connectedenvironments/certificates/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Allows to create a Container App or Container Apps Job in a Connected Environment", + "displayName": "Join Connected Environment", + "name": "microsoft.app/connectedenvironments/join/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Check reource name availability for a Connected Environment", + "displayName": "Check Connected Environment Name Availability", + "name": "microsoft.app/connectedenvironments/checknameavailability/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + } + ], + "permittedDataActions": [], + "rawPermissions": [ + { + "actions": [ + "Microsoft.Authorization/*/read", + "Microsoft.Insights/alertRules/*", + "Microsoft.App/containerApps/*/read", + "Microsoft.App/containerApps/*/write", + "Microsoft.App/containerApps/*/delete", + "Microsoft.App/containerApps/*/action", + "Microsoft.App/managedEnvironments/read", + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/join/action", + "Microsoft.App/managedEnvironments/checknameavailability/action", + "Microsoft.App/connectedEnvironments/read", + "Microsoft.App/connectedEnvironments/*/read", + "Microsoft.App/connectedEnvironments/join/action", + "Microsoft.App/connectedEnvironments/checknameavailability/action" + ], + "condition": null, + "conditionVersion": null, + "dataActions": [], + "notActions": [], + "notDataActions": [] + } + ] + }, { "description": "Read, logstream and exec into Container Apps.", "hasExternal": false, @@ -1189042,10 +1192263,10 @@ ] }, { - "description": "Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.", + "description": "Read access to ContainerApps sessionpools.", "hasExternal": false, - "hasUnknown": false, - "name": "Container Apps ManagedEnvironments Contributor", + "hasUnknown": true, + "name": "Container Apps SessionPools Reader", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1189284,202 +1192505,6 @@ "name": "Microsoft.Insights/AlertRules/Incidents/Read", "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" - }, - { - "description": "Get a Managed Environment's Certificate", - "displayName": "Read Managed Environment Certificate", - "name": "microsoft.app/managedenvironments/certificates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get storage for a Managed Environment.", - "displayName": "Read Managed Environment Storage.", - "name": "microsoft.app/managedenvironments/storages/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Managed Environment Dapr Component", - "displayName": "Read Managed Environment Dapr Component", - "name": "microsoft.app/managedenvironments/daprcomponents/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get detector of a managed environment", - "displayName": "Read Managed Environment Detector", - "name": "microsoft.app/managedenvironments/detectors/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Current Workload Profile States", - "displayName": "Read Current Workload Profile State", - "name": "microsoft.app/managedenvironments/workloadprofilestates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Managed Certificate in Managed Environment", - "displayName": "Read Managed Certificate in Managed Environment", - "name": "microsoft.app/managedenvironments/managedcertificates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Quota Usages in a Managed Environment", - "displayName": "Read Managed Environment Quota Usages", - "name": "microsoft.app/managedenvironments/usages/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or update a Managed Environment Certificate", - "displayName": "Create or Update Managed Environment Certificate", - "name": "microsoft.app/managedenvironments/certificates/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or Update a storage of Managed Environment.", - "displayName": "Create or Update a Managed Environment Storage.", - "name": "microsoft.app/managedenvironments/storages/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or Update Managed Environment Dapr Component", - "displayName": "Create or Update Managed Environment Dapr Component", - "name": "microsoft.app/managedenvironments/daprcomponents/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or update a Managed Certificate in Managed Environment", - "displayName": "Create or Update Managed Certificate in Managed Environment", - "name": "microsoft.app/managedenvironments/managedcertificates/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete a Managed Environment's Certificate", - "displayName": "Delete Managed Environment's Certificate", - "name": "microsoft.app/managedenvironments/certificates/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete a storage of Managed Environment.", - "displayName": "Delete a Managed Environment Storage", - "name": "microsoft.app/managedenvironments/storages/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete Managed Environment Dapr Component", - "displayName": "Delete Managed Environment Dapr Component", - "name": "microsoft.app/managedenvironments/daprcomponents/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete a Managed Certificate in Managed Environment", - "displayName": "Delete Managed Certificate in Managed Environment", - "name": "microsoft.app/managedenvironments/managedcertificates/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Allows to create a Container App in a Managed Environment", - "displayName": "Join Managed Environment", - "name": "microsoft.app/managedenvironments/join/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Auth Token for Managed Environment Dev APIs to get log stream, exec or port forward from a container", - "displayName": "Auth Token for Managed Environment Dev APIs", - "name": "microsoft.app/managedenvironments/getauthtoken/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Check reource name availability for a Managed Environment", - "displayName": "Check Managed Environment Name Availability", - "name": "microsoft.app/managedenvironments/checknameavailability/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "List Secrets of a Dapr Component", - "displayName": "List Dapr Component Secrets", - "name": "microsoft.app/managedenvironments/daprcomponents/listsecrets/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], @@ -1189488,11 +1192513,7 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/*/write", - "Microsoft.App/managedEnvironments/*/delete", - "Microsoft.App/managedEnvironments/*/action", - "Microsoft.Resources/deployments/*" + "Microsoft.App/sessionPools/*/read" ], "condition": null, "conditionVersion": null, @@ -1189503,10 +1192524,10 @@ ] }, { - "description": "Full management of Container Apps, including creation, deletion, and updates.", + "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", "hasExternal": false, - "hasUnknown": false, - "name": "Container Apps Contributor", + "hasUnknown": true, + "name": "Container Apps SessionPools Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1189746,132 +1192767,6 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, - { - "description": "Get revision of a container app", - "displayName": "Read Container App Revision", - "name": "microsoft.app/containerapps/revisions/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get replica of a container app revision", - "displayName": "Read Container App Revision Replica", - "name": "microsoft.app/containerapps/revisions/replicas/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get auth config of a container app", - "displayName": "Read Container App Auth Configuration", - "name": "microsoft.app/containerapps/authconfigs/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Container App Source Control Configuration", - "displayName": "Get Container App Source Control", - "name": "microsoft.app/containerapps/sourcecontrols/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get detector of a container app", - "displayName": "Read Container App Detector", - "name": "microsoft.app/containerapps/detectors/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or update auth config of a container app", - "displayName": "Create or Update Container App Auth Configuration", - "name": "microsoft.app/containerapps/authconfigs/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or Update Container App Source Control Configuration", - "displayName": "Create or Update Container App Source Control", - "name": "microsoft.app/containerapps/sourcecontrols/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete auth config of a container app", - "displayName": "Delete Container App Auth Configuration", - "name": "microsoft.app/containerapps/authconfigs/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete Container App Source Control Configuration", - "displayName": "Delete Container App Source Control", - "name": "microsoft.app/containerapps/sourcecontrols/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "List secrets of a container app", - "displayName": "List Container App Secrets", - "name": "microsoft.app/containerapps/listsecrets/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "List custom host name analysis result", - "displayName": "List Container App Custom Host Name Anaylysis", - "name": "microsoft.app/containerapps/listcustomhostnameanalysis/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Stop a Container App", - "displayName": "Stop Container App", - "name": "microsoft.app/containerapps/stop/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Start a Container App", - "displayName": "Start Container App", - "name": "microsoft.app/containerapps/start/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container. This operation will be deprecated soon.", - "displayName": "Auth Token for Container App Dev APIs", - "name": "microsoft.app/containerapps/authtoken/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get Auth Token for Container App Dev APIs to get log stream, exec or port forward from a container.", - "displayName": "Auth Token for Container App Dev APIs", - "name": "microsoft.app/containerapps/getauthtoken/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Restart a container app revision", - "displayName": "Restart Container App Revision", - "name": "microsoft.app/containerapps/revisions/restart/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Activate a container app revision", - "displayName": "Activate Container App Revision", - "name": "microsoft.app/containerapps/revisions/activate/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Deactivate a container app revision", - "displayName": "Deactivate Container App Revision", - "name": "microsoft.app/containerapps/revisions/deactivate/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, { "description": "Get a Managed Environment", "displayName": "Read Managed Environment", @@ -1189983,6 +1192878,69 @@ "name": "microsoft.app/connectedenvironments/checknameavailability/action", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" + }, + { + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" + }, + { + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], @@ -1189991,18 +1192949,19 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/containerApps/*/read", - "Microsoft.App/containerApps/*/write", - "Microsoft.App/containerApps/*/delete", - "Microsoft.App/containerApps/*/action", - "Microsoft.App/managedEnvironments/read", + "Microsoft.App/sessionPools/*/read", + "Microsoft.App/sessionPools/*/write", + "Microsoft.App/sessionPools/*/delete", + "Microsoft.App/sessionPools/*/action", + "microsoft.App/managedEnvironments/read", "Microsoft.App/managedEnvironments/*/read", "Microsoft.App/managedEnvironments/join/action", "Microsoft.App/managedEnvironments/checknameavailability/action", - "Microsoft.App/connectedEnvironments/read", + "microsoft.App/connectedEnvironments/read", "Microsoft.App/connectedEnvironments/*/read", "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action" + "Microsoft.App/connectedEnvironments/checknameavailability/action", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -1190013,10 +1192972,10 @@ ] }, { - "description": "Read access to ContainerApps managedenvironments.", + "description": "Full management of Container Apps ManagedEnvironments, including creation, deletion, and updates.", "hasExternal": false, "hasUnknown": false, - "name": "Container Apps ManagedEnvironments Reader", + "name": "Container Apps ManagedEnvironments Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1190304,318 +1193263,153 @@ "name": "microsoft.app/managedenvironments/usages/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "Microsoft.Authorization/*/read", - "Microsoft.Insights/alertRules/*", - "Microsoft.App/managedEnvironments/*/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Read access to ContainerApps jobs", - "hasExternal": false, - "hasUnknown": false, - "name": "Container Apps Jobs Reader", - "permittedActions": [ + }, { - "description": "Get a Container Apps Job", - "displayName": "Read Container Apps Job", - "name": "microsoft.app/jobs/read", + "description": "Create or update a Managed Environment Certificate", + "displayName": "Create or Update Managed Environment Certificate", + "name": "microsoft.app/managedenvironments/certificates/write", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Get a Container Apps Job's execution history", - "displayName": "Get a Container Apps Job's execution history", - "name": "microsoft.app/jobs/executions/read", + "description": "Create or Update a storage of Managed Environment.", + "displayName": "Create or Update a Managed Environment Storage.", + "name": "microsoft.app/managedenvironments/storages/write", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Get a single execution from a Container Apps Job", - "displayName": "Get a single execution from a Container Apps Job", - "name": "microsoft.app/jobs/execution/read", + "description": "Create or Update Managed Environment Dapr Component", + "displayName": "Create or Update Managed Environment Dapr Component", + "name": "microsoft.app/managedenvironments/daprcomponents/write", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" }, { - "description": "Get a Managed Environment", - "displayName": "Read Managed Environment", - "name": "microsoft.app/managedenvironments/read", + "description": "Create or update a Managed Certificate in Managed Environment", + "displayName": "Create or Update Managed Certificate in Managed Environment", + "name": "microsoft.app/managedenvironments/managedcertificates/write", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" - } - ], - "permittedDataActions": [], - "rawPermissions": [ - { - "actions": [ - "microsoft.app/jobs/read", - "Microsoft.App/jobs/*/read", - "Microsoft.App/managedenvironments/read" - ], - "condition": null, - "conditionVersion": null, - "dataActions": [], - "notActions": [], - "notDataActions": [] - } - ] - }, - { - "description": "Read access to ContainerApps sessionpools.", - "hasExternal": false, - "hasUnknown": true, - "name": "Container Apps SessionPools Reader", - "permittedActions": [ - { - "description": "Reads the administrators for the subscription.", - "displayName": "Get administrator", - "name": "Microsoft.Authorization/classicAdministrators/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role assignment.", - "displayName": "Get role assignment", - "name": "Microsoft.Authorization/roleAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Lists all the permissions the caller has at a given scope.", - "displayName": "List permissions", - "name": "Microsoft.Authorization/permissions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets locks at the specified scope.", - "displayName": "Get management locks", - "name": "Microsoft.Authorization/locks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a role definition.", - "displayName": "Get role definition", - "name": "Microsoft.Authorization/roleDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get operations for all resource providers which can be used in role definitions.", - "displayName": "Get operations for resource providers", - "name": "Microsoft.Authorization/providerOperations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy set definition.", - "displayName": "Get policy set definition", - "name": "Microsoft.Authorization/policySetDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy definition.", - "displayName": "Get policy definition", - "name": "Microsoft.Authorization/policyDefinitions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy assignment.", - "displayName": "Get policy assignment", - "name": "Microsoft.Authorization/policyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the list of operations", - "displayName": "Get operations", - "name": "Microsoft.Authorization/operations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the administrator opreation statuses of the subscription.", - "displayName": "Get administrator operation statuses", - "name": "Microsoft.Authorization/classicAdministrators/operationstatuses/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a deny assignment.", - "displayName": "Get deny assignment", - "name": "Microsoft.Authorization/denyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about resource management private link.", - "displayName": "Get Resource Management Private Link", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection proxy.", - "displayName": "Get Private Endpoint Connection Proxy", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnectionProxies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about private endpoint connection.", - "displayName": "Get Private Endpoint Connection", - "name": "Microsoft.Authorization/policyAssignments/resourceManagementPrivateLinks/privateEndpointConnections/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" }, { - "description": "Get information about private link association.", - "displayName": "Get Private Link Association", - "name": "Microsoft.Authorization/policyAssignments/privateLinkAssociations/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Get information about a policy exemption.", - "displayName": "Get policy exemption", - "name": "Microsoft.Authorization/policyExemptions/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" - }, - { - "description": "Gets the role assignment schedule requests at given scope.", - "displayName": "Get Role assignment schedule request", - "name": "Microsoft.Authorization/roleAssignmentScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete a Managed Environment's Certificate", + "displayName": "Delete Managed Environment's Certificate", + "name": "microsoft.app/managedenvironments/certificates/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Gets the role eligibility schedule requests at given scope.", - "displayName": "Get Role eligibility schedule request", - "name": "Microsoft.Authorization/roleEligibilityScheduleRequests/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete a storage of Managed Environment.", + "displayName": "Delete a Managed Environment Storage", + "name": "microsoft.app/managedenvironments/storages/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Gets the role assignment schedules at given scope.", - "displayName": "Get Role assignment schedule", - "name": "Microsoft.Authorization/roleAssignmentSchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete Managed Environment Dapr Component", + "displayName": "Delete Managed Environment Dapr Component", + "name": "microsoft.app/managedenvironments/daprcomponents/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Gets the role eligibility schedules at given scope.", - "displayName": "Get Role eligibility schedule", - "name": "Microsoft.Authorization/roleEligibilitySchedules/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Delete a Managed Certificate in Managed Environment", + "displayName": "Delete Managed Certificate in Managed Environment", + "name": "microsoft.app/managedenvironments/managedcertificates/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Gets the role assignment schedule instances at given scope.", - "displayName": "Get Role assignment schedule instance", - "name": "Microsoft.Authorization/roleAssignmentScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Allows to create a Container App in a Managed Environment", + "displayName": "Join Managed Environment", + "name": "microsoft.app/managedenvironments/join/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Gets the role eligibility schedule instances at given scope.", - "displayName": "Get Role eligibility schedule instance", - "name": "Microsoft.Authorization/roleEligibilityScheduleInstances/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Get Auth Token for Managed Environment Dev APIs to get log stream, exec or port forward from a container", + "displayName": "Auth Token for Managed Environment Dev APIs", + "name": "microsoft.app/managedenvironments/getauthtoken/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Get Role management policies", - "displayName": "Get Role management policy", - "name": "Microsoft.Authorization/roleManagementPolicies/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Check reource name availability for a Managed Environment", + "displayName": "Check Managed Environment Name Availability", + "name": "microsoft.app/managedenvironments/checknameavailability/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Get role management policy assignments", - "displayName": "Get Role management policy assignment", - "name": "Microsoft.Authorization/roleManagementPolicyAssignments/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "List Secrets of a Dapr Component", + "displayName": "List Dapr Component Secrets", + "name": "microsoft.app/managedenvironments/daprcomponents/listsecrets/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" }, { - "description": "Read the information about diagnostics settings", - "displayName": "Get information about diagnostics settings", - "name": "Microsoft.Authorization/diagnosticSettings/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Gets or lists deployments.", + "displayName": "Get Deployment", + "name": "Microsoft.Resources/deployments/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Get the information about diagnostic settings categories", - "displayName": "Read the information about diagnostic settings categories", - "name": "Microsoft.Authorization/diagnosticSettingsCategories/read", - "providerDisplayName": "Microsoft Authorization", - "providerName": "Microsoft.Authorization" + "description": "Creates or updates an deployment.", + "displayName": "Create Deployment", + "name": "Microsoft.Resources/deployments/write", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Create or update a classic metric alert", - "displayName": "Create or update classic metric alert", - "name": "Microsoft.Insights/AlertRules/Write", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Deletes a deployment.", + "displayName": "Delete Deployment", + "name": "Microsoft.Resources/deployments/delete", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Delete a classic metric alert", - "displayName": "Delete classic metric alert", - "name": "Microsoft.Insights/AlertRules/Delete", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Cancels a deployment.", + "displayName": "Cancel Deployment", + "name": "Microsoft.Resources/deployments/cancel/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Read a classic metric alert", - "displayName": "Read classic metric alert", - "name": "Microsoft.Insights/AlertRules/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Validates an deployment.", + "displayName": "Validate Deployment", + "name": "Microsoft.Resources/deployments/validate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Classic metric alert activated", - "displayName": "Classic metric alert activated", - "name": "Microsoft.Insights/AlertRules/Activated/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Predicts template deployment changes.", + "displayName": "Deployment What-If", + "name": "Microsoft.Resources/deployments/whatIf/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Classic metric alert resolved", - "displayName": "Classic metric alert resolved", - "name": "Microsoft.Insights/AlertRules/Resolved/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Export template for a deployment", + "displayName": "Export template for deployment", + "name": "Microsoft.Resources/deployments/exportTemplate/action", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Classic metric alert rule throttled", - "displayName": "Classic metric alert rule throttled", - "name": "Microsoft.Insights/AlertRules/Throttled/Action", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Gets or lists deployment operations.", + "displayName": "Get Deployment Operation", + "name": "Microsoft.Resources/deployments/operations/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" }, { - "description": "Read a classic metric alert incident", - "displayName": "Read classic metric alert incidents", - "name": "Microsoft.Insights/AlertRules/Incidents/Read", - "providerDisplayName": "Microsoft Azure Monitor", - "providerName": "Microsoft.Insights" + "description": "Gets or lists deployment operation statuses.", + "displayName": "Get deployment operation status", + "name": "Microsoft.Resources/deployments/operationstatuses/read", + "providerDisplayName": "Microsoft Resources", + "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], @@ -1190624,7 +1193418,11 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read" + "Microsoft.App/managedEnvironments/*/read", + "Microsoft.App/managedEnvironments/*/write", + "Microsoft.App/managedEnvironments/*/delete", + "Microsoft.App/managedEnvironments/*/action", + "Microsoft.Resources/deployments/*" ], "condition": null, "conditionVersion": null, @@ -1190635,10 +1193433,10 @@ ] }, { - "description": "Full management of Container Apps jobs, including creation, deletion, and updates.", + "description": "Read access to ContainerApps managedenvironments.", "hasExternal": false, "hasUnknown": false, - "name": "Container Apps Jobs Contributor", + "name": "Container Apps ManagedEnvironments Reader", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1190878,83 +1193676,6 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, - { - "description": "Get a Container Apps Job", - "displayName": "Read Container Apps Job", - "name": "microsoft.app/jobs/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Container Apps Job's execution history", - "displayName": "Get a Container Apps Job's execution history", - "name": "microsoft.app/jobs/executions/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a single execution from a Container Apps Job", - "displayName": "Get a single execution from a Container Apps Job", - "name": "microsoft.app/jobs/execution/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Start a Container Apps Job", - "displayName": "Start a Container Apps Job", - "name": "microsoft.app/jobs/start/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Stop multiple Container Apps Job executions", - "displayName": "Stop multiple Container Apps Job executions", - "name": "microsoft.app/jobs/stop/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "List secrets of a container apps job", - "displayName": "List Container Apps Job Secrets", - "name": "microsoft.app/jobs/listsecrets/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Stop a Container Apps Job's specific execution", - "displayName": "Stop a Container Apps Job's specific execution", - "name": "microsoft.app/jobs/stop/execution/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Stop a Container Apps Job's specific execution", - "displayName": "Stop a Container Apps Job's specific execution", - "name": "microsoft.app/jobs/stop/execution/backport/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Create or update a Container Apps Job", - "displayName": "Create or Update Container Apps Job", - "name": "microsoft.app/jobs/write", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Delete a Container Apps Job", - "displayName": "Delete Container Apps Job", - "name": "microsoft.app/jobs/delete", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Managed Environment", - "displayName": "Read Managed Environment", - "name": "microsoft.app/managedenvironments/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, { "description": "Get a Managed Environment's Certificate", "displayName": "Read Managed Environment Certificate", @@ -1191003,125 +1193724,6 @@ "name": "microsoft.app/managedenvironments/usages/read", "providerDisplayName": "Microsoft Apps", "providerName": "microsoft.app" - }, - { - "description": "Allows to create a Container App in a Managed Environment", - "displayName": "Join Managed Environment", - "name": "microsoft.app/managedenvironments/join/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Check reource name availability for a Managed Environment", - "displayName": "Check Managed Environment Name Availability", - "name": "microsoft.app/managedenvironments/checknameavailability/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Connected Environment", - "displayName": "Read Connected Environment", - "name": "microsoft.app/connectedenvironments/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get storage for a Connected Environment.", - "displayName": "Read Connected Environment Storage.", - "name": "microsoft.app/connectedenvironments/storages/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Read Connected Environment Dapr Component", - "displayName": "Read Connected Environment Dapr Component", - "name": "microsoft.app/connectedenvironments/daprcomponents/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Get a Connected Environment's Certificate", - "displayName": "Read Connected Environment Certificate", - "name": "microsoft.app/connectedenvironments/certificates/read", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Allows to create a Container App or Container Apps Job in a Connected Environment", - "displayName": "Join Connected Environment", - "name": "microsoft.app/connectedenvironments/join/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Check reource name availability for a Connected Environment", - "displayName": "Check Connected Environment Name Availability", - "name": "microsoft.app/connectedenvironments/checknameavailability/action", - "providerDisplayName": "Microsoft Apps", - "providerName": "microsoft.app" - }, - { - "description": "Gets or lists deployments.", - "displayName": "Get Deployment", - "name": "Microsoft.Resources/deployments/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Creates or updates an deployment.", - "displayName": "Create Deployment", - "name": "Microsoft.Resources/deployments/write", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Deletes a deployment.", - "displayName": "Delete Deployment", - "name": "Microsoft.Resources/deployments/delete", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Cancels a deployment.", - "displayName": "Cancel Deployment", - "name": "Microsoft.Resources/deployments/cancel/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Validates an deployment.", - "displayName": "Validate Deployment", - "name": "Microsoft.Resources/deployments/validate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Predicts template deployment changes.", - "displayName": "Deployment What-If", - "name": "Microsoft.Resources/deployments/whatIf/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Export template for a deployment", - "displayName": "Export template for deployment", - "name": "Microsoft.Resources/deployments/exportTemplate/action", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operations.", - "displayName": "Get Deployment Operation", - "name": "Microsoft.Resources/deployments/operations/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" - }, - { - "description": "Gets or lists deployment operation statuses.", - "displayName": "Get deployment operation status", - "name": "Microsoft.Resources/deployments/operationstatuses/read", - "providerDisplayName": "Microsoft Resources", - "providerName": "Microsoft.Resources" } ], "permittedDataActions": [], @@ -1191130,20 +1193732,7 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "microsoft.app/jobs/read", - "Microsoft.App/jobs/*/read", - "Microsoft.App/jobs/*/action", - "Microsoft.App/jobs/write", - "Microsoft.App/jobs/delete", - "Microsoft.app/managedenvironments/read", - "Microsoft.App/managedenvironments/*/read", - "Microsoft.App/managedenvironments/join/action", - "Microsoft.App/managedenvironments/checknameavailability/action", - "Microsoft.app/connectedEnvironments/read", - "Microsoft.App/connectedEnvironments/*/read", - "Microsoft.App/connectedEnvironments/join/action", - "Microsoft.App/connectedEnvironments/checknameavailability/action", - "Microsoft.Resources/deployments/*" + "Microsoft.App/managedEnvironments/*/read" ], "condition": null, "conditionVersion": null, @@ -1191154,10 +1193743,10 @@ ] }, { - "description": "Full management of Container Apps SessionPools, including creation, deletion, and updates.", + "description": "Full management of Container Apps jobs, including creation, deletion, and updates.", "hasExternal": false, - "hasUnknown": true, - "name": "Container Apps SessionPools Contributor", + "hasUnknown": false, + "name": "Container Apps Jobs Contributor", "permittedActions": [ { "description": "Reads the administrators for the subscription.", @@ -1191397,6 +1193986,76 @@ "providerDisplayName": "Microsoft Azure Monitor", "providerName": "Microsoft.Insights" }, + { + "description": "Get a Container Apps Job", + "displayName": "Read Container Apps Job", + "name": "microsoft.app/jobs/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a Container Apps Job's execution history", + "displayName": "Get a Container Apps Job's execution history", + "name": "microsoft.app/jobs/executions/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Get a single execution from a Container Apps Job", + "displayName": "Get a single execution from a Container Apps Job", + "name": "microsoft.app/jobs/execution/read", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Start a Container Apps Job", + "displayName": "Start a Container Apps Job", + "name": "microsoft.app/jobs/start/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop multiple Container Apps Job executions", + "displayName": "Stop multiple Container Apps Job executions", + "name": "microsoft.app/jobs/stop/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "List secrets of a container apps job", + "displayName": "List Container Apps Job Secrets", + "name": "microsoft.app/jobs/listsecrets/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop a Container Apps Job's specific execution", + "displayName": "Stop a Container Apps Job's specific execution", + "name": "microsoft.app/jobs/stop/execution/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Stop a Container Apps Job's specific execution", + "displayName": "Stop a Container Apps Job's specific execution", + "name": "microsoft.app/jobs/stop/execution/backport/action", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Create or update a Container Apps Job", + "displayName": "Create or Update Container Apps Job", + "name": "microsoft.app/jobs/write", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, + { + "description": "Delete a Container Apps Job", + "displayName": "Delete Container Apps Job", + "name": "microsoft.app/jobs/delete", + "providerDisplayName": "Microsoft Apps", + "providerName": "microsoft.app" + }, { "description": "Get a Managed Environment", "displayName": "Read Managed Environment", @@ -1191579,15 +1194238,16 @@ "actions": [ "Microsoft.Authorization/*/read", "Microsoft.Insights/alertRules/*", - "Microsoft.App/sessionPools/*/read", - "Microsoft.App/sessionPools/*/write", - "Microsoft.App/sessionPools/*/delete", - "Microsoft.App/sessionPools/*/action", - "microsoft.App/managedEnvironments/read", - "Microsoft.App/managedEnvironments/*/read", - "Microsoft.App/managedEnvironments/join/action", - "Microsoft.App/managedEnvironments/checknameavailability/action", - "microsoft.App/connectedEnvironments/read", + "microsoft.app/jobs/read", + "Microsoft.App/jobs/*/read", + "Microsoft.App/jobs/*/action", + "Microsoft.App/jobs/write", + "Microsoft.App/jobs/delete", + "Microsoft.app/managedenvironments/read", + "Microsoft.App/managedenvironments/*/read", + "Microsoft.App/managedenvironments/join/action", + "Microsoft.App/managedenvironments/checknameavailability/action", + "Microsoft.app/connectedEnvironments/read", "Microsoft.App/connectedEnvironments/*/read", "Microsoft.App/connectedEnvironments/join/action", "Microsoft.App/connectedEnvironments/checknameavailability/action", diff --git a/azure/provider-operations.json b/azure/provider-operations.json index 342e9e841..c939643ed 100644 --- a/azure/provider-operations.json +++ b/azure/provider-operations.json @@ -17926,13 +17926,7 @@ } ], "description": "The number of failed key lookups. For more details, see https://aka.ms/redis/enterprise/metrics.", - "dimensions": [ - { - "DisplayName": "InstanceId", - "Name": "InstanceId", - "ToBeExportedForShoebox": true - } - ], + "dimensions": null, "displayDescription": null, "displayName": "Cache Misses", "name": "cachemisses", @@ -18128,13 +18122,7 @@ } ], "description": "The percentage of cache memory used for key/value pairs. For more details, see https://aka.ms/redis/enterprise/metrics.", - "dimensions": [ - { - "DisplayName": "InstanceId", - "Name": "InstanceId", - "ToBeExportedForShoebox": true - } - ], + "dimensions": null, "displayDescription": null, "displayName": "Used Memory Percentage", "name": "usedmemorypercentage", @@ -18215,36 +18203,6 @@ "name": "cacheRead", "unit": "BytesPerSecond" }, - { - "aggregationType": "Maximum", - "availabilities": [ - { - "Retention": "P90D", - "TimeGrain": "PT5M" - }, - { - "Retention": "P90D", - "TimeGrain": "PT1H" - } - ], - "description": "The number errors that occured on the cache. For more details, see https://aka.ms/redis/enterprise/metrics.", - "dimensions": [ - { - "DisplayName": "InstanceId", - "Name": "InstanceId", - "ToBeExportedForShoebox": true - }, - { - "DisplayName": "ErrorType", - "Name": "ErrorType", - "ToBeExportedForShoebox": true - } - ], - "displayDescription": null, - "displayName": "Errors", - "name": "errors", - "unit": "Count" - }, { "aggregationType": "Maximum", "availabilities": [ @@ -39971,7 +39929,7 @@ ] }, { - "displayName": "Translation operations for public preview.", + "displayName": "Translation operations.", "name": "accounts/VideoTranslation/Translations", "operations": [ { @@ -42051,7 +42009,7 @@ ] }, { - "displayName": "Video file target locale operations.", + "displayName": "Video file target locale operations for portal and private preview.", "name": "accounts/VideoTranslation/TargetLocales", "operations": [ { @@ -42103,7 +42061,7 @@ ] }, { - "displayName": "Iteration operations for public preview.", + "displayName": "Iteration operations.", "name": "accounts/VideoTranslation/Iterations", "operations": [ { @@ -42125,7 +42083,7 @@ ] }, { - "displayName": "Operation operations for public preview.", + "displayName": "Operation operations.", "name": "accounts/VideoTranslation/Operations", "operations": [ { @@ -42211,6 +42169,50 @@ "properties": null } ] + }, + { + "displayName": "Consent operations.", + "name": "accounts/VideoTranslation/Consents", + "operations": [ + { + "description": "Create consent.", + "displayName": "Create consent.", + "isDataAction": true, + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/write", + "origin": "user", + "properties": null + }, + { + "description": "Read consent.", + "displayName": "Read consent.", + "isDataAction": true, + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/read", + "origin": "user", + "properties": null + }, + { + "description": "Delete consent.", + "displayName": "Delete consent.", + "isDataAction": true, + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/Consents/delete", + "origin": "user", + "properties": null + } + ] + }, + { + "displayName": "DefaultConsentTemplat operations.", + "name": "accounts/VideoTranslation/DefaultConsentTemplates", + "operations": [ + { + "description": "Read default consent template.", + "displayName": "Read default consent template.", + "isDataAction": true, + "name": "Microsoft.CognitiveServices/accounts/VideoTranslation/DefaultConsentTemplates/read", + "origin": "user", + "properties": null + } + ] } ], "type": "Microsoft.Authorization/providerOperations" @@ -125924,6 +125926,14 @@ "origin": null, "properties": null }, + { + "description": "Join Application Gateway Web Application Firewall Policy. Not alertable", + "displayName": "Join Application Gateway Web Application Firewall Policy", + "isDataAction": false, + "name": "Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/join/action", + "origin": null, + "properties": null + }, { "description": "Attaches Web application firewall policy to application gateway for containers", "displayName": "Attaches Web application firewall policy to application gateway for containers", @@ -130942,6 +130952,348 @@ "properties": null } ] + }, + { + "displayName": "Network Group Member", + "name": "networkManagers/networkGroups/members", + "operations": [ + { + "description": "Get Network Group Member", + "displayName": "Get Network Group Member", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/networkGroups/members/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Network Group Aggregated Ip Address Space", + "name": "networkManagers/networkGroups/aggregatedIpAddressSpaces", + "operations": [ + { + "description": "Permission needed to get the aggregated Ip address space for the members of a network group", + "displayName": "Get Network Group Aggregated Ip Address Space", + "isDataAction": false, + "name": "Microsoft.network/networkManagers/networkGroups/aggregatedIpAddressSpaces/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Connectivity Configuration Snapshot", + "name": "networkManagers/connectivityConfigurations/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed connectivity configuration resource.", + "displayName": "Get Connectivity Configuration Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/connectivityConfigurations/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Connectivity Regional Goal State", + "name": "networkManagers/connectivityRegionalGoalStates", + "operations": [ + { + "description": "Permission to get the connectivity goal state in a given region for a network manager.", + "displayName": "Get Connectivity Regional Goal State", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/connectivityRegionalGoalStates/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security Admin Configuration Snapshot", + "name": "networkManagers/securityAdminConfigurations/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed security admin configuration resource.", + "displayName": "Get Security Admin Configuration Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security Admin Rule Collection Snapshot", + "name": "networkManagers/securityAdminConfigurations/ruleCollections/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed security admin rule collection resource.", + "displayName": "Get Security Admin Rule Collection Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security Admin Rule Snapshot", + "name": "networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed security admin rule resource.", + "displayName": "Get Security Admin Rule Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security Admin Regional Goal State", + "name": "networkManagers/securityAdminRegionalGoalStates", + "operations": [ + { + "description": "Permission to get the security admin goal state in a given region for a network manager.", + "displayName": "Get Security Admin Regional Goal State", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityAdminRegionalGoalStates/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security User Configuration Snapshot", + "name": "networkManagers/securityUserConfigurations/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed security user configuration resource.", + "displayName": "Get Security User Configuration Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security User Rule Collection Snapshot", + "name": "networkManagers/securityUserConfigurations/ruleCollections/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed security user rule collection resource.", + "displayName": "Get Security User Rule Collection Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security User Rule Snapshot", + "name": "networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed security user rule resource.", + "displayName": "Get Security User Rule Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityUserConfigurations/ruleCollections/rules/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Security User Regional Goal State", + "name": "networkManagers/securityUserRegionalGoalStates", + "operations": [ + { + "description": "Permission to get the security user goal state in a given region for a network manager.", + "displayName": "Get Security User Regional Goal State", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/securityUserRegionalGoalStates/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Effective Security User Rule", + "name": "virtualNetworks/subnets/effectiveSecurityUserRules", + "operations": [ + { + "description": "Permission to get the security user rule(s) taking effect on a subnet.", + "displayName": "Get Effective Security User Rule", + "isDataAction": false, + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveSecurityUserRules/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Configuration", + "name": "networkManagers/routingConfigurations", + "operations": [ + { + "description": "Get Routing Configuration", + "displayName": "Get Routing Configuration", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/read", + "origin": null, + "properties": null + }, + { + "description": "Create Or Update Routing Configuration", + "displayName": "Create Or Update Routing Configuration", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/write", + "origin": null, + "properties": null + }, + { + "description": "Delete Routing Configuration", + "displayName": "Delete Routing Configuration", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/delete", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Rule Collection", + "name": "networkManagers/routingConfigurations/ruleCollections", + "operations": [ + { + "description": "Get Routing Rule Collection", + "displayName": "Get Routing Rule Collection", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/read", + "origin": null, + "properties": null + }, + { + "description": "Create Or Update Routing Rule Collection", + "displayName": "Create Or Update Routing Rule Collection", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/write", + "origin": null, + "properties": null + }, + { + "description": "Delete Routing Rule Collection", + "displayName": "Delete Routing Rule Collection", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/delete", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Rule", + "name": "networkManagers/routingConfigurations/ruleCollections/rules", + "operations": [ + { + "description": "Get Routing Rule", + "displayName": "Get Routing Rule", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/read", + "origin": null, + "properties": null + }, + { + "description": "Create Or Update Routing Rule", + "displayName": "Create Or Update Routing Rule", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/write", + "origin": null, + "properties": null + }, + { + "description": "Delete Routing Rule", + "displayName": "Delete Routing Rule", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/delete", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Configuration Snapshot", + "name": "networkManagers/routingConfigurations/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed routing configuration resource.", + "displayName": "Get Routing Configuration Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Rule Collection Snapshot", + "name": "networkManagers/routingConfigurations/ruleCollections/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed routing rule collection resource.", + "displayName": "Get Routing Rule Collection Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Rule Snapshot", + "name": "networkManagers/routingConfigurations/ruleCollections/rules/snapshots", + "operations": [ + { + "description": "Permission to get snapshots of a deployed routing rule resource.", + "displayName": "Get Routing Rule Snapshot", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingConfigurations/ruleCollections/rules/snapshots/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Routing Regional Goal State", + "name": "networkManagers/routingRegionalGoalStates", + "operations": [ + { + "description": "Permission to get the routing goal state in a given region for a network manager.", + "displayName": "Get Regional Regional Goal State", + "isDataAction": false, + "name": "Microsoft.Network/networkManagers/routingRegionalGoalStates/read", + "origin": null, + "properties": null + } + ] + }, + { + "displayName": "Effective Routing Rule", + "name": "virtualNetworks/subnets/effectiveRoutingRules", + "operations": [ + { + "description": "Permission to get the routing rule(s) taking effect on a subnet.", + "displayName": "Get Effective Regional Rule", + "isDataAction": false, + "name": "Microsoft.Network/virtualNetworks/subnets/effectiveRoutingRules/read", + "origin": null, + "properties": null + } + ] } ], "type": "Microsoft.Authorization/providerOperations" @@ -272545,92 +272897,6 @@ ], "type": "Microsoft.Authorization/providerOperations" }, - { - "displayName": "Microsoft.MobilePacketCore", - "id": "/providers/Microsoft.Authorization/providerOperations/Microsoft.MobilePacketCore", - "name": "Microsoft.MobilePacketCore", - "operations": [ - { - "description": "Register the subscription for Microsoft.MobilePacketCore", - "displayName": "Register the Microsoft.MobilePacketCore", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/register/action", - "origin": null, - "properties": null - }, - { - "description": "Unregister the subscription for Microsoft.MobilePacketCore", - "displayName": "Unregister the Microsoft.MobilePacketCore", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/unregister/action", - "origin": null, - "properties": null - } - ], - "resourceTypes": [ - { - "displayName": "mobilePacketCores/safeDeploymentContinue", - "name": "mobilePacketCores", - "operations": [ - { - "description": "action safeDeploymentContinue", - "displayName": "MobilePacketCores_SafeDeploymentContinue", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/mobilePacketCores/safeDeploymentContinue/action", - "origin": null, - "properties": null - }, - { - "description": "action whatIfActivate", - "displayName": "MobilePacketCores_WhatIfActivate", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/mobilePacketCores/whatIfActivate/action", - "origin": null, - "properties": null - }, - { - "description": "action whatIfSnapshot", - "displayName": "MobilePacketCores_WhatIfSnapshot", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/mobilePacketCores/whatIfSnapshot/action", - "origin": null, - "properties": null - } - ] - }, - { - "displayName": "mobilePacketCores/configSnapshots/getResource", - "name": "mobilePacketCores/configSnapshots", - "operations": [ - { - "description": "action getResource", - "displayName": "ConfigSnapshots_GetResource", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getResource/action", - "origin": null, - "properties": null - }, - { - "description": "action getSummaryOfChanges", - "displayName": "ConfigSnapshots_GetSummaryOfChanges", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getSummaryOfChanges/action", - "origin": null, - "properties": null - }, - { - "description": "action getManifest", - "displayName": "ConfigSnapshots_GetManifest", - "isDataAction": false, - "name": "Microsoft.MobilePacketCore/mobilePacketCores/configSnapshots/getManifest/action", - "origin": null, - "properties": null - } - ] - } - ], - "type": "Microsoft.Authorization/providerOperations" - }, { "displayName": null, "id": "/providers/Microsoft.Authorization/providerOperations/Microsoft.Azure.Geneva", diff --git a/gcp/map.json b/gcp/map.json index 8632c78bc..665a877a0 100644 --- a/gcp/map.json +++ b/gcp/map.json @@ -3619,8 +3619,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "analyticshub.subscriptions.delete" } @@ -3630,8 +3630,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "analyticshub.subscriptions.get" } @@ -3664,8 +3664,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "analyticshub.subscriptions.list" } @@ -7621,8 +7621,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "apikeys.keys.create", "parameterName": "parent", @@ -7634,8 +7634,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "apikeys.keys.delete", "parameterName": "name", @@ -7647,8 +7647,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "apikeys.keys.get", "parameterName": "name", @@ -7660,8 +7660,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "apikeys.keys.getKeyString", "parameterName": "name", @@ -7673,8 +7673,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "apikeys.keys.list", "parameterName": "parent", @@ -7696,8 +7696,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "apikeys.keys.undelete", "parameterName": "name", @@ -8466,8 +8466,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "artifactregistry.kfpartifacts.create", "parameterName": "parent", @@ -8826,8 +8826,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.workload.create", "parameterName": "parent", @@ -8839,8 +8839,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.workload.delete", "parameterName": "name", @@ -8852,8 +8852,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.workload.update", "parameterName": "name", @@ -8865,8 +8865,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.workload.get", "parameterName": "name", @@ -8878,8 +8878,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.workload.list", "parameterName": "parent", @@ -8891,8 +8891,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.workload.update", "parameterName": "name", @@ -8934,8 +8934,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.violations.get", "parameterName": "name", @@ -8947,8 +8947,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "assuredworkloads.violations.list", "parameterName": "parent", @@ -27516,8 +27516,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.aspectTypes.create", "parameterName": "parent", @@ -27529,8 +27529,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.aspectTypes.delete", "parameterName": "name", @@ -27542,8 +27542,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.aspectTypes.get", "parameterName": "name", @@ -27556,8 +27556,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.aspectTypes.list", @@ -27582,8 +27582,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataAttributeBindings.create", "parameterName": "parent", @@ -27595,8 +27595,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataAttributeBindings.delete", "parameterName": "name", @@ -27608,8 +27608,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataAttributeBindings.get", "parameterName": "name", @@ -27631,8 +27631,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataAttributeBindings.list", "parameterName": "parent", @@ -27671,8 +27671,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.datascans.create", @@ -27685,8 +27685,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.datascans.delete", @@ -27764,8 +27764,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.datascans.list", @@ -27794,8 +27794,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.datascans.run", @@ -27875,8 +27875,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataTaxonomies.create", "parameterName": "parent", @@ -27888,8 +27888,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataTaxonomies.delete", "parameterName": "name", @@ -27901,8 +27901,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataTaxonomies.get", "parameterName": "name", @@ -27924,8 +27924,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "dataplex.dataTaxonomies.list", "parameterName": "parent", @@ -27964,8 +27964,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.entryGroups.create", "parameterName": "parent", @@ -27977,8 +27977,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.entryGroups.delete", "parameterName": "name", @@ -28130,8 +28130,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.entryGroups.get", "parameterName": "name", @@ -28144,8 +28144,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.entryGroups.list", @@ -28170,8 +28170,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.entryTypes.create", "parameterName": "parent", @@ -28183,8 +28183,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.entryTypes.delete", "parameterName": "name", @@ -28196,8 +28196,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "dataplex.entryTypes.get", "parameterName": "name", @@ -28210,8 +28210,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "lowConfidence": true, "name": "dataplex.entryTypes.list", @@ -38464,8 +38464,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "firebasestorage.buckets.addFirebase", "parameterName": "bucket", @@ -38477,8 +38477,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "firebasestorage.buckets.get", "parameterName": "name", @@ -38490,8 +38490,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "firebasestorage.buckets.list", "parameterName": "parent", @@ -38503,8 +38503,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "firebasestorage.buckets.removeFirebase", "parameterName": "bucket", @@ -44091,8 +44091,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "iap.tunnelDestGroups.create", "parameterFormat": "projects/{projectNumber/id}/iap_tunnel/locations/{location}", @@ -44106,8 +44106,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "iap.tunnelDestGroups.delete", "parameterFormat": "projects/{projectNumber/id}/iap_tunnel/locations/{location}/destGroups/{dest_group}", @@ -44121,8 +44121,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "name": "iap.tunnelDestGroups.get", "parameterFormat": "projects/{projectNumber/id}/iap_tunnel/locations/{location}/destGroups/{dest_group}", @@ -44136,8 +44136,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "restcrawliamblockv1" + "restcrawliamblockv1", + "restcrawlv1" ], "lowConfidence": true, "name": "iap.tunnelDestGroups.list", @@ -50171,8 +50171,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "networkconnectivity.policyBasedRoutes.create", "parameterName": "parent", @@ -50184,8 +50184,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "networkconnectivity.policyBasedRoutes.delete", "parameterName": "name", @@ -50197,8 +50197,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "networkconnectivity.policyBasedRoutes.get", "parameterName": "name", @@ -50220,8 +50220,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "networkconnectivity.policyBasedRoutes.list", "parameterName": "parent", @@ -52267,8 +52267,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "notebooks.instances.diagnose", "parameterName": "name", @@ -53658,8 +53658,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "policysimulator.replays.create" } @@ -53669,8 +53669,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "policysimulator.replays.get" } @@ -53680,8 +53680,8 @@ "permissions": [ { "discoveryMethodologies": [ - "manual", - "restcrawliamblockv1" + "restcrawliamblockv1", + "manual" ], "name": "policysimulator.replays.list" } @@ -64427,8 +64427,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "cloudsecurityscanner.scanruns.get", "parameterName": "name", @@ -64446,8 +64446,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "cloudsecurityscanner.scanruns.list", "parameterName": "parent", @@ -64459,8 +64459,8 @@ "permissions": [ { "discoveryMethodologies": [ - "restcrawlv1", - "manual" + "manual", + "restcrawlv1" ], "name": "cloudsecurityscanner.scanruns.stop", "parameterName": "name", diff --git a/gcp/predefined_roles.json b/gcp/predefined_roles.json index c70f98343..596daba10 100644 --- a/gcp/predefined_roles.json +++ b/gcp/predefined_roles.json @@ -838,6 +838,7 @@ { "description": "Access to manage artifacts in repositories, as well as create new repositories on push", "etag": "AA==", + "has_undocumented": true, "name": "roles/artifactregistry.createOnPushRepoAdmin", "stage": "GA", "title": "Artifact Registry Create-on-Push Repository Administrator" @@ -845,6 +846,7 @@ { "description": "Access to read and write repository items, as well as create new repositories on push", "etag": "AA==", + "has_undocumented": true, "name": "roles/artifactregistry.createOnPushWriter", "stage": "GA", "title": "Artifact Registry Create-on-Push Writer" @@ -2167,6 +2169,7 @@ "etag": "AA==", "has_dataaccess": true, "has_privesc": true, + "has_undocumented": true, "name": "roles/cloudbuild.serviceAgent", "stage": "GA", "title": "Cloud Build Service Agent" @@ -3237,6 +3240,7 @@ "etag": "AA==", "has_dataaccess": true, "has_privesc": true, + "has_undocumented": true, "name": "roles/composer.worker", "stage": "GA", "title": "Composer Worker" @@ -8411,7 +8415,6 @@ { "description": "Full access to Network Management resources.", "etag": "AA==", - "has_undocumented": true, "name": "roles/networkmanagement.admin", "stage": "GA", "title": "Network Management Admin" diff --git a/gcp/role_permissions.json b/gcp/role_permissions.json index 359738bc7..254077c35 100644 --- a/gcp/role_permissions.json +++ b/gcp/role_permissions.json @@ -18684,6 +18684,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "alloydb.databases.list": [ @@ -36992,6 +36997,16 @@ "name": "Artifact Registry Administrator", "undocumented": true }, + { + "id": "roles/artifactregistry.createOnPushRepoAdmin", + "name": "Artifact Registry Create-on-Push Repository Administrator", + "undocumented": true + }, + { + "id": "roles/artifactregistry.createOnPushWriter", + "name": "Artifact Registry Create-on-Push Writer", + "undocumented": true + }, { "id": "roles/artifactregistry.repoAdmin", "name": "Artifact Registry Repository Administrator", @@ -37007,16 +37022,31 @@ "name": "Cloud Build Service Account", "undocumented": true }, + { + "id": "roles/cloudbuild.serviceAgent", + "name": "Cloud Build Service Agent", + "undocumented": true + }, { "id": "roles/cloudfunctions.serviceAgent", "name": "Cloud Functions Service Agent", "undocumented": true }, + { + "id": "roles/composer.worker", + "name": "Composer Worker", + "undocumented": true + }, { "id": "roles/editor", "name": "Editor", "undocumented": true }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": true + }, { "id": "roles/visualinspection.serviceAgent", "name": "Visual Inspection AI Service Agent", @@ -38359,6 +38389,16 @@ "name": "Artifact Registry Administrator", "undocumented": false }, + { + "id": "roles/artifactregistry.createOnPushRepoAdmin", + "name": "Artifact Registry Create-on-Push Repository Administrator", + "undocumented": false + }, + { + "id": "roles/artifactregistry.createOnPushWriter", + "name": "Artifact Registry Create-on-Push Writer", + "undocumented": false + }, { "id": "roles/artifactregistry.repoAdmin", "name": "Artifact Registry Repository Administrator", @@ -38374,16 +38414,31 @@ "name": "Cloud Build Service Account", "undocumented": false }, + { + "id": "roles/cloudbuild.serviceAgent", + "name": "Cloud Build Service Agent", + "undocumented": false + }, { "id": "roles/cloudfunctions.serviceAgent", "name": "Cloud Functions Service Agent", "undocumented": false }, + { + "id": "roles/composer.worker", + "name": "Composer Worker", + "undocumented": false + }, { "id": "roles/editor", "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/visualinspection.serviceAgent", "name": "Visual Inspection AI Service Agent", @@ -41382,6 +41437,11 @@ "name": "Artifact Registry Administrator", "undocumented": true }, + { + "id": "roles/artifactregistry.createOnPushRepoAdmin", + "name": "Artifact Registry Create-on-Push Repository Administrator", + "undocumented": true + }, { "id": "roles/artifactregistry.repoAdmin", "name": "Artifact Registry Repository Administrator", @@ -41392,11 +41452,21 @@ "name": "Cloud Functions Service Agent", "undocumented": true }, + { + "id": "roles/composer.worker", + "name": "Composer Worker", + "undocumented": true + }, { "id": "roles/editor", "name": "Editor", "undocumented": true }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": true + }, { "id": "roles/visualinspection.serviceAgent", "name": "Visual Inspection AI Service Agent", @@ -46805,6 +46875,11 @@ "name": "Backup and DR Backup User", "undocumented": false }, + { + "id": "roles/backupdr.user", + "name": "Backup and DR User", + "undocumented": false + }, { "id": "roles/backupdr.userv2", "name": "Backup and DR User V2", @@ -46814,6 +46889,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupPlanAssociations.delete": [ @@ -46827,6 +46907,11 @@ "name": "Backup and DR Backup User", "undocumented": false }, + { + "id": "roles/backupdr.user", + "name": "Backup and DR User", + "undocumented": false + }, { "id": "roles/backupdr.userv2", "name": "Backup and DR User V2", @@ -46836,6 +46921,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupPlanAssociations.get": [ @@ -46864,6 +46954,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -46896,6 +46991,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -46922,6 +47032,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupPlans.create": [ @@ -46939,6 +47054,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupPlans.delete": [ @@ -46956,6 +47076,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupPlans.get": [ @@ -46984,6 +47109,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -47016,6 +47146,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -47042,6 +47187,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupVaults.associate": [ @@ -47050,6 +47200,11 @@ "name": "Backup and DR Admin", "undocumented": false }, + { + "id": "roles/backupdr.backupvaultAdmin", + "name": "Backup and DR Backup Vault Admin", + "undocumented": false + }, { "id": "roles/backupdr.userv2", "name": "Backup and DR User V2", @@ -47059,6 +47214,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.backupVaults.create": [ @@ -47755,6 +47915,11 @@ "name": "Backup and DR Admin", "undocumented": false }, + { + "id": "roles/backupdr.backupvaultAdmin", + "name": "Backup and DR Backup Vault Admin", + "undocumented": false + }, { "id": "roles/backupdr.restoreUser", "name": "Backup and DR Restore User", @@ -47769,6 +47934,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "backupdr.locations.get": [ @@ -54213,6 +54383,11 @@ } ], "beyondcorp.subscriptions.terminate": [ + { + "id": "roles/beyondcorp.admin", + "name": "Cloud BeyondCorp Admin", + "undocumented": false + }, { "id": "roles/beyondcorp.subscriptionAdmin", "name": "Cloud BeyondCorp Subscription Admin", @@ -54222,9 +54397,19 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "beyondcorp.subscriptions.update": [ + { + "id": "roles/beyondcorp.admin", + "name": "Cloud BeyondCorp Admin", + "undocumented": false + }, { "id": "roles/beyondcorp.subscriptionAdmin", "name": "Cloud BeyondCorp Subscription Admin", @@ -54234,6 +54419,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "biglake.catalogs.create": [ @@ -117365,6 +117555,11 @@ } ], "cloudkms.operations.get": [ + { + "id": "roles/cloudkms.admin", + "name": "Cloud KMS Admin", + "undocumented": false + }, { "id": "roles/cloudkms.viewer", "name": "Cloud KMS Viewer", @@ -117375,6 +117570,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -216297,6 +216497,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "contactcenterinsights.feedbackLabels.get": [ @@ -216390,6 +216595,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "contactcenterinsights.issueModels.create": [ @@ -217011,6 +217221,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "contactcenterinsights.qaScorecardRevisions.deploy": [ @@ -217104,6 +217319,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "contactcenterinsights.qaScorecards.create": [ @@ -252862,6 +253082,11 @@ "name": "Data Catalog Admin", "undocumented": false }, + { + "id": "roles/datacatalog.dataSteward", + "name": "DataCatalog Data Steward", + "undocumented": false + }, { "id": "roles/datacatalog.entryViewer", "name": "DataCatalog Entry Viewer", @@ -252882,6 +253107,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -252903,6 +253133,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "datacatalog.operations.list": [ @@ -255198,6 +255433,11 @@ "name": "BigQuery Studio Admin", "undocumented": false }, + { + "id": "roles/dataflow.serviceAgent", + "name": "Cloud Dataflow Service Agent", + "undocumented": false + }, { "id": "roles/dataform.admin", "name": "Dataform Admin", @@ -255208,11 +255448,26 @@ "name": "Dataform Editor", "undocumented": false }, + { + "id": "roles/dataform.viewer", + "name": "Dataform Viewer", + "undocumented": false + }, + { + "id": "roles/dataplex.serviceAgent", + "name": "Cloud Dataplex Service Agent", + "undocumented": false + }, { "id": "roles/editor", "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -255235,15 +255490,30 @@ "name": "BigQuery Studio Admin", "undocumented": false }, + { + "id": "roles/dataflow.serviceAgent", + "name": "Cloud Dataflow Service Agent", + "undocumented": false + }, { "id": "roles/dataform.admin", "name": "Dataform Admin", "undocumented": false }, + { + "id": "roles/dataplex.serviceAgent", + "name": "Cloud Dataplex Service Agent", + "undocumented": false + }, { "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "dataform.locations.get": [ @@ -262348,6 +262618,11 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "datamigration.migrationjobs.generateSshScript": [ @@ -286598,6 +286873,16 @@ } ], "discoveryengine.aclConfigs.get": [ + { + "id": "roles/discoveryengine.admin", + "name": "Discovery Engine Admin", + "undocumented": false + }, + { + "id": "roles/discoveryengine.editor", + "name": "Discovery Engine Editor", + "undocumented": false + }, { "id": "roles/discoveryengine.viewer", "name": "Discovery Engine Viewer", @@ -286608,6 +286893,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -286615,10 +286905,20 @@ } ], "discoveryengine.aclConfigs.update": [ + { + "id": "roles/discoveryengine.admin", + "name": "Discovery Engine Admin", + "undocumented": false + }, { "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "discoveryengine.analytics.acquireDashboardSession": [ @@ -343175,6 +343475,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.deployments.delete": [ @@ -343182,6 +343492,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.deployments.get": [ @@ -343190,6 +343510,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343200,6 +343525,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343212,6 +343542,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343222,6 +343567,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343233,6 +343583,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.jobs.create": [ @@ -343241,10 +343601,20 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.jobs.delete": [ @@ -343253,10 +343623,20 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.jobs.get": [ @@ -343265,6 +343645,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343275,6 +343660,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343287,6 +343677,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343297,6 +343702,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343309,10 +343719,20 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.locations.get": [ @@ -343321,6 +343741,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343331,6 +343756,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343343,6 +343773,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343353,6 +343798,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343364,6 +343814,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.operations.delete": [ @@ -343371,6 +343831,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "managedflink.operations.get": [ @@ -343379,6 +343849,11 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343389,6 +343864,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -343401,6 +343881,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/managedflink.admin", + "name": "Managed Flink Admin", + "undocumented": false + }, { "id": "roles/managedflink.developer", "name": "Managed Flink Developer", @@ -343411,6 +343906,11 @@ "name": "Managed Flink Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -347866,6 +348366,11 @@ "id": "roles/memorystore.dbConnectionUser", "name": "Memorystore DB Connector User", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "memorystore.instances.create": [ @@ -347878,6 +348383,11 @@ "id": "roles/memorystore.admin", "name": "Memorystore Admin", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "memorystore.instances.delete": [ @@ -347890,6 +348400,11 @@ "id": "roles/memorystore.admin", "name": "Memorystore Admin", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "memorystore.instances.get": [ @@ -347908,6 +348423,11 @@ "name": "Memorystore Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -347920,6 +348440,16 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, { "id": "roles/memorystore.admin", "name": "Memorystore Admin", @@ -347930,6 +348460,11 @@ "name": "Memorystore Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -347946,6 +348481,11 @@ "id": "roles/memorystore.admin", "name": "Memorystore Admin", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "memorystore.locations.get": [ @@ -347964,6 +348504,11 @@ "name": "Memorystore Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -347976,6 +348521,16 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, { "id": "roles/memorystore.admin", "name": "Memorystore Admin", @@ -347986,6 +348541,11 @@ "name": "Memorystore Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -348002,6 +348562,11 @@ "id": "roles/memorystore.admin", "name": "Memorystore Admin", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "memorystore.operations.delete": [ @@ -348014,6 +348579,11 @@ "id": "roles/memorystore.admin", "name": "Memorystore Admin", "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "memorystore.operations.get": [ @@ -348032,6 +348602,11 @@ "name": "Memorystore Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -348044,6 +348619,16 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, { "id": "roles/memorystore.admin", "name": "Memorystore Admin", @@ -348054,6 +348639,11 @@ "name": "Memorystore Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -361197,42 +361787,6 @@ "undocumented": false } ], - "networkmanagement.config.get": [ - { - "id": "roles/networkmanagement.admin", - "name": "Network Management Admin", - "undocumented": true - }, - { - "id": "roles/owner", - "name": "Owner", - "undocumented": true - } - ], - "networkmanagement.config.startFreeTrial": [ - { - "id": "roles/networkmanagement.admin", - "name": "Network Management Admin", - "undocumented": true - }, - { - "id": "roles/owner", - "name": "Owner", - "undocumented": true - } - ], - "networkmanagement.config.update": [ - { - "id": "roles/networkmanagement.admin", - "name": "Network Management Admin", - "undocumented": true - }, - { - "id": "roles/owner", - "name": "Owner", - "undocumented": true - } - ], "networkmanagement.connectivitytests.create": [ { "id": "roles/editor", @@ -361661,22 +362215,20 @@ "undocumented": false } ], - "networkmanagement.topologygraphs.read": [ + "networkmanagement.vpcflowlogsconfigs.create": [ + { + "id": "roles/editor", + "name": "Editor", + "undocumented": false + }, { "id": "roles/networkmanagement.admin", "name": "Network Management Admin", - "undocumented": true + "undocumented": false }, { "id": "roles/owner", "name": "Owner", - "undocumented": true - } - ], - "networkmanagement.vpcflowlogsconfigs.create": [ - { - "id": "roles/editor", - "name": "Editor", "undocumented": false } ], @@ -361685,6 +362237,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/networkmanagement.admin", + "name": "Network Management Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "networkmanagement.vpcflowlogsconfigs.get": [ @@ -361693,11 +362255,21 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/networkmanagement.admin", + "name": "Network Management Admin", + "undocumented": false + }, { "id": "roles/networkmanagement.viewer", "name": "Network Management Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -361710,11 +362282,31 @@ "name": "Editor", "undocumented": false }, + { + "id": "roles/iam.securityAdmin", + "name": "Security Admin", + "undocumented": false + }, + { + "id": "roles/iam.securityReviewer", + "name": "Security Reviewer", + "undocumented": false + }, + { + "id": "roles/networkmanagement.admin", + "name": "Network Management Admin", + "undocumented": false + }, { "id": "roles/networkmanagement.viewer", "name": "Network Management Viewer", "undocumented": false }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false + }, { "id": "roles/viewer", "name": "Viewer", @@ -361726,6 +362318,16 @@ "id": "roles/editor", "name": "Editor", "undocumented": false + }, + { + "id": "roles/networkmanagement.admin", + "name": "Network Management Admin", + "undocumented": false + }, + { + "id": "roles/owner", + "name": "Owner", + "undocumented": false } ], "networksecurity.addressGroups.create": [ diff --git a/gcp/roles/artifactregistry.createOnPushRepoAdmin.json b/gcp/roles/artifactregistry.createOnPushRepoAdmin.json index 9d9ae19ca..78c423e77 100644 --- a/gcp/roles/artifactregistry.createOnPushRepoAdmin.json +++ b/gcp/roles/artifactregistry.createOnPushRepoAdmin.json @@ -9,6 +9,7 @@ "artifactregistry.files.download", "artifactregistry.files.get", "artifactregistry.files.list", + "artifactregistry.files.update", "artifactregistry.kfpartifacts.create", "artifactregistry.locations.get", "artifactregistry.locations.list", @@ -19,6 +20,7 @@ "artifactregistry.packages.delete", "artifactregistry.packages.get", "artifactregistry.packages.list", + "artifactregistry.packages.update", "artifactregistry.projectsettings.get", "artifactregistry.pythonpackages.get", "artifactregistry.pythonpackages.list", @@ -39,6 +41,7 @@ "artifactregistry.versions.delete", "artifactregistry.versions.get", "artifactregistry.versions.list", + "artifactregistry.versions.update", "artifactregistry.yumartifacts.create" ], "name": "roles/artifactregistry.createOnPushRepoAdmin", diff --git a/gcp/roles/artifactregistry.createOnPushWriter.json b/gcp/roles/artifactregistry.createOnPushWriter.json index 108a08caf..a5c53c4da 100644 --- a/gcp/roles/artifactregistry.createOnPushWriter.json +++ b/gcp/roles/artifactregistry.createOnPushWriter.json @@ -8,6 +8,7 @@ "artifactregistry.files.download", "artifactregistry.files.get", "artifactregistry.files.list", + "artifactregistry.files.update", "artifactregistry.kfpartifacts.create", "artifactregistry.locations.get", "artifactregistry.locations.list", @@ -17,6 +18,7 @@ "artifactregistry.npmpackages.list", "artifactregistry.packages.get", "artifactregistry.packages.list", + "artifactregistry.packages.update", "artifactregistry.projectsettings.get", "artifactregistry.pythonpackages.get", "artifactregistry.pythonpackages.list", diff --git a/gcp/roles/backupdr.backupvaultAdmin.json b/gcp/roles/backupdr.backupvaultAdmin.json index 3fb1c31db..393219091 100644 --- a/gcp/roles/backupdr.backupvaultAdmin.json +++ b/gcp/roles/backupdr.backupvaultAdmin.json @@ -2,6 +2,7 @@ "description": "Allows the Backup Appliance full administrative control of backup vault resources.", "etag": "AA==", "includedPermissions": [ + "backupdr.backupVaults.associate", "backupdr.backupVaults.create", "backupdr.backupVaults.delete", "backupdr.backupVaults.get", @@ -15,6 +16,7 @@ "backupdr.bvdataSources.get", "backupdr.bvdataSources.list", "backupdr.bvdataSources.update", + "backupdr.compute.restoreFromBackupVault", "backupdr.locations.get", "backupdr.locations.list", "backupdr.operations.cancel", diff --git a/gcp/roles/backupdr.user.json b/gcp/roles/backupdr.user.json index c450567b8..5a29e4ce6 100644 --- a/gcp/roles/backupdr.user.json +++ b/gcp/roles/backupdr.user.json @@ -2,6 +2,8 @@ "description": "Provides access to management console. Granular Backup and DR permissions depend on ACL configuration provided by Backup and DR admin within the management console.", "etag": "AA==", "includedPermissions": [ + "backupdr.backupPlanAssociations.create", + "backupdr.backupPlanAssociations.delete", "backupdr.managementServers.access", "backupdr.managementServers.backupAccess", "backupdr.managementServers.get", diff --git a/gcp/roles/beyondcorp.admin.json b/gcp/roles/beyondcorp.admin.json index 6526dea75..887f19a8e 100644 --- a/gcp/roles/beyondcorp.admin.json +++ b/gcp/roles/beyondcorp.admin.json @@ -46,6 +46,8 @@ "beyondcorp.subscriptions.create", "beyondcorp.subscriptions.get", "beyondcorp.subscriptions.list", + "beyondcorp.subscriptions.terminate", + "beyondcorp.subscriptions.update", "resourcemanager.projects.get", "resourcemanager.projects.list" ], diff --git a/gcp/roles/cloudbuild.serviceAgent.json b/gcp/roles/cloudbuild.serviceAgent.json index 5364179d2..a67bf4211 100644 --- a/gcp/roles/cloudbuild.serviceAgent.json +++ b/gcp/roles/cloudbuild.serviceAgent.json @@ -8,6 +8,7 @@ "artifactregistry.files.download", "artifactregistry.files.get", "artifactregistry.files.list", + "artifactregistry.files.update", "artifactregistry.kfpartifacts.create", "artifactregistry.locations.get", "artifactregistry.locations.list", @@ -17,6 +18,7 @@ "artifactregistry.npmpackages.list", "artifactregistry.packages.get", "artifactregistry.packages.list", + "artifactregistry.packages.update", "artifactregistry.projectsettings.get", "artifactregistry.pythonpackages.get", "artifactregistry.pythonpackages.list", diff --git a/gcp/roles/cloudkms.admin.json b/gcp/roles/cloudkms.admin.json index 73961ac44..2019d0adb 100644 --- a/gcp/roles/cloudkms.admin.json +++ b/gcp/roles/cloudkms.admin.json @@ -51,6 +51,7 @@ "cloudkms.locations.get", "cloudkms.locations.list", "cloudkms.locations.optOutKeyDeletionMsa", + "cloudkms.operations.get", "cloudkms.projects.showEffectiveAutokeyConfig", "resourcemanager.projects.get" ], diff --git a/gcp/roles/composer.worker.json b/gcp/roles/composer.worker.json index dfd730ab3..02ac9657b 100644 --- a/gcp/roles/composer.worker.json +++ b/gcp/roles/composer.worker.json @@ -9,6 +9,7 @@ "artifactregistry.files.download", "artifactregistry.files.get", "artifactregistry.files.list", + "artifactregistry.files.update", "artifactregistry.kfpartifacts.create", "artifactregistry.locations.get", "artifactregistry.locations.list", @@ -19,6 +20,7 @@ "artifactregistry.packages.delete", "artifactregistry.packages.get", "artifactregistry.packages.list", + "artifactregistry.packages.update", "artifactregistry.projectsettings.get", "artifactregistry.projectsettings.update", "artifactregistry.pythonpackages.get", @@ -47,6 +49,7 @@ "artifactregistry.versions.delete", "artifactregistry.versions.get", "artifactregistry.versions.list", + "artifactregistry.versions.update", "artifactregistry.yumartifacts.create", "cloudbuild.builds.create", "cloudbuild.builds.get", diff --git a/gcp/roles/datacatalog.dataSteward.json b/gcp/roles/datacatalog.dataSteward.json index 5a8dcdc8d..5a2f286a9 100644 --- a/gcp/roles/datacatalog.dataSteward.json +++ b/gcp/roles/datacatalog.dataSteward.json @@ -7,6 +7,7 @@ "datacatalog.entries.updateContacts", "datacatalog.entries.updateOverview", "datacatalog.entryGroups.get", + "datacatalog.migrationConfig.get", "datacatalog.relationships.list", "dataplex.projects.search", "resourcemanager.projects.get", diff --git a/gcp/roles/dataflow.serviceAgent.json b/gcp/roles/dataflow.serviceAgent.json index fbe978afd..8076d82a8 100644 --- a/gcp/roles/dataflow.serviceAgent.json +++ b/gcp/roles/dataflow.serviceAgent.json @@ -856,6 +856,8 @@ "dataform.compilationResults.get", "dataform.compilationResults.list", "dataform.compilationResults.query", + "dataform.config.get", + "dataform.config.update", "dataform.locations.get", "dataform.locations.list", "dataform.releaseConfigs.create", diff --git a/gcp/roles/dataform.viewer.json b/gcp/roles/dataform.viewer.json index be46eb3e2..eaa654fc5 100644 --- a/gcp/roles/dataform.viewer.json +++ b/gcp/roles/dataform.viewer.json @@ -5,6 +5,7 @@ "dataform.compilationResults.get", "dataform.compilationResults.list", "dataform.compilationResults.query", + "dataform.config.get", "dataform.locations.get", "dataform.locations.list", "dataform.releaseConfigs.get", diff --git a/gcp/roles/dataplex.serviceAgent.json b/gcp/roles/dataplex.serviceAgent.json index 8c667c0d3..041188ad8 100644 --- a/gcp/roles/dataplex.serviceAgent.json +++ b/gcp/roles/dataplex.serviceAgent.json @@ -126,6 +126,8 @@ "dataform.compilationResults.get", "dataform.compilationResults.list", "dataform.compilationResults.query", + "dataform.config.get", + "dataform.config.update", "dataform.locations.get", "dataform.locations.list", "dataform.releaseConfigs.create", diff --git a/gcp/roles/discoveryengine.admin.json b/gcp/roles/discoveryengine.admin.json index 50bc16e35..64b71005d 100644 --- a/gcp/roles/discoveryengine.admin.json +++ b/gcp/roles/discoveryengine.admin.json @@ -2,6 +2,8 @@ "description": "Grants full access to all discoveryengine resources.", "etag": "AA==", "includedPermissions": [ + "discoveryengine.aclConfigs.get", + "discoveryengine.aclConfigs.update", "discoveryengine.analytics.acquireDashboardSession", "discoveryengine.analytics.refreshDashboardSessionTokens", "discoveryengine.answers.get", diff --git a/gcp/roles/discoveryengine.editor.json b/gcp/roles/discoveryengine.editor.json index c40a7d0fe..b09dfc44c 100644 --- a/gcp/roles/discoveryengine.editor.json +++ b/gcp/roles/discoveryengine.editor.json @@ -2,6 +2,7 @@ "description": "Grants read and write access to all discovery engine resources.", "etag": "AA==", "includedPermissions": [ + "discoveryengine.aclConfigs.get", "discoveryengine.analytics.acquireDashboardSession", "discoveryengine.analytics.refreshDashboardSessionTokens", "discoveryengine.answers.get", diff --git a/gcp/roles/iam.securityAdmin.json b/gcp/roles/iam.securityAdmin.json index 6b477e5f9..1ae0c313b 100644 --- a/gcp/roles/iam.securityAdmin.json +++ b/gcp/roles/iam.securityAdmin.json @@ -268,6 +268,8 @@ "automlrecommendations.recommendations.list", "autoscaling.sites.getIamPolicy", "autoscaling.sites.setIamPolicy", + "backupdr.backupPlanAssociations.list", + "backupdr.backupPlans.list", "backupdr.backupVaults.list", "backupdr.bvbackups.list", "backupdr.bvdataSources.list", @@ -1481,6 +1483,10 @@ "looker.instances.list", "looker.locations.list", "looker.operations.list", + "managedflink.deployments.list", + "managedflink.jobs.list", + "managedflink.locations.list", + "managedflink.operations.list", "managedidentities.backups.getIamPolicy", "managedidentities.backups.list", "managedidentities.backups.setIamPolicy", @@ -1514,6 +1520,9 @@ "memcache.instances.list", "memcache.locations.list", "memcache.operations.list", + "memorystore.instances.list", + "memorystore.locations.list", + "memorystore.operations.list", "metastore.backups.getIamPolicy", "metastore.backups.list", "metastore.backups.setIamPolicy", @@ -1612,6 +1621,7 @@ "networkmanagement.connectivitytests.setIamPolicy", "networkmanagement.locations.list", "networkmanagement.operations.list", + "networkmanagement.vpcflowlogsconfigs.list", "networksecurity.addressGroups.getIamPolicy", "networksecurity.addressGroups.list", "networksecurity.addressGroups.setIamPolicy", diff --git a/gcp/roles/iam.securityReviewer.json b/gcp/roles/iam.securityReviewer.json index b720dd2a5..f9788e2e9 100644 --- a/gcp/roles/iam.securityReviewer.json +++ b/gcp/roles/iam.securityReviewer.json @@ -245,6 +245,8 @@ "automlrecommendations.placements.list", "automlrecommendations.recommendations.list", "autoscaling.sites.getIamPolicy", + "backupdr.backupPlanAssociations.list", + "backupdr.backupPlans.list", "backupdr.backupVaults.list", "backupdr.bvbackups.list", "backupdr.bvdataSources.list", @@ -1293,6 +1295,10 @@ "looker.instances.list", "looker.locations.list", "looker.operations.list", + "managedflink.deployments.list", + "managedflink.jobs.list", + "managedflink.locations.list", + "managedflink.operations.list", "managedidentities.backups.getIamPolicy", "managedidentities.backups.list", "managedidentities.domains.getIamPolicy", @@ -1323,6 +1329,9 @@ "memcache.instances.list", "memcache.locations.list", "memcache.operations.list", + "memorystore.instances.list", + "memorystore.locations.list", + "memorystore.operations.list", "metastore.backups.getIamPolicy", "metastore.backups.list", "metastore.databases.getIamPolicy", @@ -1405,6 +1414,7 @@ "networkmanagement.connectivitytests.list", "networkmanagement.locations.list", "networkmanagement.operations.list", + "networkmanagement.vpcflowlogsconfigs.list", "networksecurity.addressGroups.getIamPolicy", "networksecurity.addressGroups.list", "networksecurity.authorizationPolicies.getIamPolicy", diff --git a/gcp/roles/managedflink.admin.json b/gcp/roles/managedflink.admin.json index c3ce83be5..9ac3964ef 100644 --- a/gcp/roles/managedflink.admin.json +++ b/gcp/roles/managedflink.admin.json @@ -2,6 +2,22 @@ "description": "Full access to Managed Flink resources.", "etag": "AA==", "includedPermissions": [ + "managedflink.deployments.create", + "managedflink.deployments.delete", + "managedflink.deployments.get", + "managedflink.deployments.list", + "managedflink.deployments.update", + "managedflink.jobs.create", + "managedflink.jobs.delete", + "managedflink.jobs.get", + "managedflink.jobs.list", + "managedflink.jobs.update", + "managedflink.locations.get", + "managedflink.locations.list", + "managedflink.operations.cancel", + "managedflink.operations.delete", + "managedflink.operations.get", + "managedflink.operations.list", "resourcemanager.projects.get", "resourcemanager.projects.list" ], diff --git a/gcp/roles/networkmanagement.admin.json b/gcp/roles/networkmanagement.admin.json index 9ae261b60..7fbb54a29 100644 --- a/gcp/roles/networkmanagement.admin.json +++ b/gcp/roles/networkmanagement.admin.json @@ -2,9 +2,6 @@ "description": "Full access to Network Management resources.", "etag": "AA==", "includedPermissions": [ - "networkmanagement.config.get", - "networkmanagement.config.startFreeTrial", - "networkmanagement.config.update", "networkmanagement.connectivitytests.create", "networkmanagement.connectivitytests.delete", "networkmanagement.connectivitytests.get", @@ -19,7 +16,11 @@ "networkmanagement.operations.delete", "networkmanagement.operations.get", "networkmanagement.operations.list", - "networkmanagement.topologygraphs.read", + "networkmanagement.vpcflowlogsconfigs.create", + "networkmanagement.vpcflowlogsconfigs.delete", + "networkmanagement.vpcflowlogsconfigs.get", + "networkmanagement.vpcflowlogsconfigs.list", + "networkmanagement.vpcflowlogsconfigs.update", "resourcemanager.organizations.get", "resourcemanager.projects.get", "resourcemanager.projects.list" diff --git a/gcp/roles/owner.json b/gcp/roles/owner.json index 6fb524ca5..767e572ea 100644 --- a/gcp/roles/owner.json +++ b/gcp/roles/owner.json @@ -417,6 +417,7 @@ "alloydb.clusters.promote", "alloydb.clusters.switchover", "alloydb.clusters.update", + "alloydb.clusters.upgrade", "alloydb.databases.list", "alloydb.instances.connect", "alloydb.instances.create", @@ -982,6 +983,7 @@ "artifactregistry.files.download", "artifactregistry.files.get", "artifactregistry.files.list", + "artifactregistry.files.update", "artifactregistry.kfpartifacts.create", "artifactregistry.locations.get", "artifactregistry.locations.list", @@ -992,6 +994,7 @@ "artifactregistry.packages.delete", "artifactregistry.packages.get", "artifactregistry.packages.list", + "artifactregistry.packages.update", "artifactregistry.projectsettings.get", "artifactregistry.projectsettings.update", "artifactregistry.pythonpackages.get", @@ -1020,6 +1023,7 @@ "artifactregistry.versions.delete", "artifactregistry.versions.get", "artifactregistry.versions.list", + "artifactregistry.versions.update", "artifactregistry.yumartifacts.create", "assuredoss.config.get", "assuredoss.customers.create", @@ -1145,6 +1149,17 @@ "autoscaling.sites.setIamPolicy", "autoscaling.sites.writeMetrics", "autoscaling.sites.writeState", + "backupdr.backupPlanAssociations.create", + "backupdr.backupPlanAssociations.delete", + "backupdr.backupPlanAssociations.get", + "backupdr.backupPlanAssociations.list", + "backupdr.backupPlanAssociations.triggerBackup", + "backupdr.backupPlans.create", + "backupdr.backupPlans.delete", + "backupdr.backupPlans.get", + "backupdr.backupPlans.list", + "backupdr.backupPlans.useComputeInstanceOnly", + "backupdr.backupVaults.associate", "backupdr.backupVaults.create", "backupdr.backupVaults.delete", "backupdr.backupVaults.get", @@ -1164,6 +1179,7 @@ "backupdr.bvdataSources.remove", "backupdr.bvdataSources.setInternalStatus", "backupdr.bvdataSources.update", + "backupdr.compute.restoreFromBackupVault", "backupdr.locations.get", "backupdr.locations.list", "backupdr.managementServers.access", @@ -1351,6 +1367,8 @@ "beyondcorp.subscriptions.create", "beyondcorp.subscriptions.get", "beyondcorp.subscriptions.list", + "beyondcorp.subscriptions.terminate", + "beyondcorp.subscriptions.update", "biglake.catalogs.create", "biglake.catalogs.delete", "biglake.catalogs.get", @@ -2743,6 +2761,7 @@ "cloudkms.locations.get", "cloudkms.locations.list", "cloudkms.locations.optOutKeyDeletionMsa", + "cloudkms.operations.get", "cloudkms.projects.showEffectiveAutokeyConfig", "cloudkms.protectedResources.search", "cloudmessaging.messages.create", @@ -4181,9 +4200,11 @@ "contactcenterinsights.faqModels.update", "contactcenterinsights.feedbackLabels.create", "contactcenterinsights.feedbackLabels.delete", + "contactcenterinsights.feedbackLabels.download", "contactcenterinsights.feedbackLabels.get", "contactcenterinsights.feedbackLabels.list", "contactcenterinsights.feedbackLabels.update", + "contactcenterinsights.feedbackLabels.upload", "contactcenterinsights.issueModels.create", "contactcenterinsights.issueModels.delete", "contactcenterinsights.issueModels.deploy", @@ -4211,9 +4232,11 @@ "contactcenterinsights.qaQuestions.list", "contactcenterinsights.qaQuestions.update", "contactcenterinsights.qaScorecardRevisions.create", + "contactcenterinsights.qaScorecardRevisions.delete", "contactcenterinsights.qaScorecardRevisions.deploy", "contactcenterinsights.qaScorecardRevisions.get", "contactcenterinsights.qaScorecardRevisions.list", + "contactcenterinsights.qaScorecardRevisions.tune", "contactcenterinsights.qaScorecards.create", "contactcenterinsights.qaScorecards.delete", "contactcenterinsights.qaScorecards.get", @@ -4746,6 +4769,8 @@ "datacatalog.entryGroups.setIamPolicy", "datacatalog.entryGroups.update", "datacatalog.entryGroups.updateTag", + "datacatalog.migrationConfig.get", + "datacatalog.migrationConfig.set", "datacatalog.operations.list", "datacatalog.relationships.create", "datacatalog.relationships.createBelongsTo", @@ -4812,6 +4837,8 @@ "dataform.compilationResults.get", "dataform.compilationResults.list", "dataform.compilationResults.query", + "dataform.config.get", + "dataform.config.update", "dataform.locations.get", "dataform.locations.list", "dataform.releaseConfigs.create", @@ -4988,6 +5015,7 @@ "datamigration.mappingrules.setIamPolicy", "datamigration.migrationjobs.create", "datamigration.migrationjobs.delete", + "datamigration.migrationjobs.demoteDestination", "datamigration.migrationjobs.generateSshScript", "datamigration.migrationjobs.generateTcpProxyScript", "datamigration.migrationjobs.get", @@ -5634,6 +5662,8 @@ "dialogflow.webhooks.get", "dialogflow.webhooks.list", "dialogflow.webhooks.update", + "discoveryengine.aclConfigs.get", + "discoveryengine.aclConfigs.update", "discoveryengine.analytics.acquireDashboardSession", "discoveryengine.analytics.refreshDashboardSessionTokens", "discoveryengine.answers.get", @@ -7188,6 +7218,22 @@ "looker.operations.get", "looker.operations.list", "lookerstudio.pro.manage", + "managedflink.deployments.create", + "managedflink.deployments.delete", + "managedflink.deployments.get", + "managedflink.deployments.list", + "managedflink.deployments.update", + "managedflink.jobs.create", + "managedflink.jobs.delete", + "managedflink.jobs.get", + "managedflink.jobs.list", + "managedflink.jobs.update", + "managedflink.locations.get", + "managedflink.locations.list", + "managedflink.operations.cancel", + "managedflink.operations.delete", + "managedflink.operations.get", + "managedflink.operations.list", "managedidentities.backups.create", "managedidentities.backups.delete", "managedidentities.backups.get", @@ -7340,6 +7386,18 @@ "memcache.operations.delete", "memcache.operations.get", "memcache.operations.list", + "memorystore.instances.connect", + "memorystore.instances.create", + "memorystore.instances.delete", + "memorystore.instances.get", + "memorystore.instances.list", + "memorystore.instances.update", + "memorystore.locations.get", + "memorystore.locations.list", + "memorystore.operations.cancel", + "memorystore.operations.delete", + "memorystore.operations.get", + "memorystore.operations.list", "meshconfig.projects.init", "metastore.backups.create", "metastore.backups.delete", @@ -7676,9 +7734,6 @@ "networkconnectivity.spokes.list", "networkconnectivity.spokes.setIamPolicy", "networkconnectivity.spokes.update", - "networkmanagement.config.get", - "networkmanagement.config.startFreeTrial", - "networkmanagement.config.update", "networkmanagement.connectivitytests.create", "networkmanagement.connectivitytests.delete", "networkmanagement.connectivitytests.get", @@ -7693,7 +7748,11 @@ "networkmanagement.operations.delete", "networkmanagement.operations.get", "networkmanagement.operations.list", - "networkmanagement.topologygraphs.read", + "networkmanagement.vpcflowlogsconfigs.create", + "networkmanagement.vpcflowlogsconfigs.delete", + "networkmanagement.vpcflowlogsconfigs.get", + "networkmanagement.vpcflowlogsconfigs.list", + "networkmanagement.vpcflowlogsconfigs.update", "networksecurity.addressGroups.create", "networksecurity.addressGroups.delete", "networksecurity.addressGroups.get", diff --git a/gcp/tags.json b/gcp/tags.json index 5d121a85d..d1612cab0 100644 --- a/gcp/tags.json +++ b/gcp/tags.json @@ -1,137 +1,137 @@ { "iam": { "CredentialExposure": [ - "compute.instances.create", - "compute.instances.osAdminLogin", - "bigquery.connections.get", "iam.serviceAccountKeys.create", "cloudfunctions.functions.create", + "bigquery.connections.get", + "compute.instances.osAdminLogin", "cloudfunctions.functions.update", - "cloudfunctions.functions.sourceCodeSet" + "cloudfunctions.functions.sourceCodeSet", + "compute.instances.create" ], "DataAccess": [ "bigquery.connections.use", + "datastore.entities.get", + "appengine.memcache.getKey", + "cloudfunctions.functions.invoke", "container.jobs.create", - "pubsub.subscriptions.consume", - "bigquery.rowAccessPolicies.getFilteredData", - "bigquery.tables.export", - "container.replicaSets.update", - "compute.instances.getGuestAttributes", "bigquery.models.getData", - "datastore.entities.get", - "compute.instances.getSerialPortOutput", - "storage.objects.get", + "pubsub.topics.attachSubscription", "pubsub.snapshots.seek", - "appengine.memcache.getKey", - "container.deployments.create", - "cloudfunctions.functions.update", - "cloudfunctions.functions.sourceCodeSet", + "storage.objects.get", + "pubsub.subscriptions.consume", + "bigquery.models.export", + "compute.images.create", "container.statefulSets.update", - "appengine.memcache.get", - "bigquery.rowAccessPolicies.overrideTimeTravelRestrictions", + "appengine.instances.enableDebug", + "container.services.proxy", + "compute.instances.osAdminLogin", "cloudfunctions.functions.call", - "container.replicaSets.create", "compute.instances.osLogin", - "container.services.proxy", - "bigquery.models.export", - "appengine.memcache.list", - "container.pods.create", + "compute.instances.getSerialPortOutput", + "container.replicaSets.update", + "bigquery.tables.getData", + "container.deployments.create", "container.deployments.update", "cloudfunctions.functions.create", - "pubsub.topics.attachSubscription", - "cloudfunctions.functions.invoke", - "appengine.instances.enableDebug", - "compute.instances.osAdminLogin", - "bigquery.tables.getData", - "compute.images.create", "compute.instances.getScreenshot", + "cloudfunctions.functions.update", + "container.replicaSets.create", "container.statefulSets.create", - "container.jobs.update" + "bigquery.tables.export", + "container.pods.create", + "appengine.memcache.get", + "compute.instances.getGuestAttributes", + "container.jobs.update", + "appengine.memcache.list", + "cloudfunctions.functions.sourceCodeSet", + "bigquery.rowAccessPolicies.getFilteredData", + "bigquery.rowAccessPolicies.overrideTimeTravelRestrictions" ], "PrivEsc": [ - "container.nodes.proxy", - "cloudfunctions.functions.setIamPolicy", - "container.clusterRoleBindings.update", - "compute.instances.updateAccessConfig", - "bigquery.datasets.deleteTagBinding", - "container.clusterRoles.update", - "compute.backendServices.addSignedUrlKey", - "container.roles.update", - "compute.disks.createTagBinding", - "bigquery.connections.setIamPolicy", - "bigquery.datasets.createTagBinding", - "resourcemanager.projects.setIamPolicy", - "compute.instances.createTagBinding", - "compute.backendBuckets.update", - "compute.globalNetworkEndpointGroups.setIamPolicy", + "container.roles.bind", "dns.managedZones.setIamPolicy", "container.roleBindings.create", - "billing.accounts.setIamPolicy", - "compute.disks.deleteTagBinding", + "storage.buckets.createTagBinding", + "pubsub.topics.updateTag", + "resourcemanager.tagvalues.setIamPolicy", + "iam.serviceAccounts.getOpenIdToken", + "bigquery.tables.updateTag", + "bigquery.dataPolicies.setIamPolicy", + "compute.instances.deleteTagBinding", + "compute.instances.createTagBinding", + "bigquery.datasets.setIamPolicy", + "compute.globalNetworkEndpointGroups.setIamPolicy", + "compute.instances.updateAccessConfig", + "iam.serviceAccountKeys.enable", "compute.instances.use", - "container.roles.bind", - "secretmanager.secrets.setIamPolicy", + "compute.networkEndpointGroups.setIamPolicy", + "compute.instances.useReadOnly", + "iam.serviceAccounts.actAs", + "compute.images.setIamPolicy", "compute.disks.setIamPolicy", - "container.clusters.deleteTagBinding", - "container.clusterRoles.bind", - "pubsub.topics.setIamPolicy", "container.roleBindings.update", - "bigquery.datasets.updateTag", - "container.serviceAccounts.createToken", - "bigquery.datasets.setIamPolicy", + "compute.backendBuckets.update", "compute.backendServices.setIamPolicy", - "iam.serviceAccounts.actAs", - "iam.serviceAccounts.setIamPolicy", - "iam.serviceAccounts.getAccessToken", + "domains.registrations.deleteTagBinding", + "dns.policies.setIamPolicy", + "container.roles.escalate", + "domains.registrations.createTagBinding", + "pubsub.subscriptions.setIamPolicy", + "container.clusterRoleBindings.update", + "pubsub.topics.setIamPolicy", "container.pods.exec", - "container.clusterRoles.escalate", - "cloudbuild.connections.setIamPolicy", - "iam.serviceAccounts.implicitDelegation", - "compute.backendBuckets.setIamPolicy", - "compute.backendServices.update", + "bigquery.tables.setCategory", + "compute.images.deleteTagBinding", + "bigquery.datasets.updateTag", + "container.secrets.list", + "compute.firewallPolicies.setIamPolicy", + "iam.serviceAccounts.setIamPolicy", + "bigquery.datasets.deleteTagBinding", "compute.instances.setIamPolicy", "pubsub.schemas.setIamPolicy", - "iam.serviceAccounts.getOpenIdToken", - "resourcemanager.tagvalues.setIamPolicy", - "storage.buckets.setIamPolicy", - "domains.registrations.createTagBinding", - "iam.serviceAccountKeys.enable", - "pubsub.topics.updateTag", - "compute.backendBuckets.setSecurityPolicy", + "iam.serviceAccounts.signJwt", "resourcemanager.tagkeys.setIamPolicy", - "pubsub.subscriptions.setIamPolicy", - "compute.instances.deleteTagBinding", - "bigquery.tables.setCategory", - "compute.instances.useReadOnly", - "iam.serviceAccounts.signBlob", - "bigquery.tables.setIamPolicy", + "iam.serviceAccounts.getAccessToken", + "container.clusterRoles.bind", + "container.serviceAccounts.createToken", + "compute.backendServices.setSecurityPolicy", + "compute.backendBuckets.setIamPolicy", + "bigquery.connections.setIamPolicy", "storage.objects.setIamPolicy", - "compute.images.createTagBinding", - "iam.roles.update", - "compute.firewallPolicies.setIamPolicy", - "compute.images.setIamPolicy", "compute.instances.addAccessConfig", - "compute.networkEndpointGroups.setIamPolicy", - "bigquery.tables.updateTag", "container.clusterRoleBindings.create", - "cloudbuild.builds.create", - "storage.buckets.createTagBinding", - "bigquery.dataPolicies.setIamPolicy", + "storage.buckets.setIamPolicy", + "bigquery.rowAccessPolicies.setIamPolicy", "pubsub.snapshots.setIamPolicy", - "storage.buckets.deleteTagBinding", - "container.roles.escalate", - "container.secrets.list", - "compute.backendServices.setSecurityPolicy", - "dns.policies.setIamPolicy", - "domains.registrations.deleteTagBinding", - "iam.serviceAccounts.signJwt", - "container.clusters.createTagBinding", + "container.clusterRoles.escalate", + "container.roles.update", "compute.backendBuckets.addSignedUrlKey", - "container.secrets.get", - "compute.instances.updateNetworkInterface", - "bigquery.rowAccessPolicies.setIamPolicy", + "cloudfunctions.functions.setIamPolicy", + "compute.backendServices.addSignedUrlKey", + "container.clusters.createTagBinding", + "compute.images.createTagBinding", + "billing.accounts.setIamPolicy", "domains.registrations.setIamPolicy", - "compute.images.deleteTagBinding" + "bigquery.datasets.createTagBinding", + "compute.backendServices.update", + "iam.serviceAccounts.signBlob", + "secretmanager.secrets.setIamPolicy", + "compute.instances.updateNetworkInterface", + "cloudbuild.builds.create", + "storage.buckets.deleteTagBinding", + "compute.disks.createTagBinding", + "resourcemanager.projects.setIamPolicy", + "iam.serviceAccounts.implicitDelegation", + "iam.roles.update", + "bigquery.tables.setIamPolicy", + "compute.backendBuckets.setSecurityPolicy", + "container.nodes.proxy", + "container.clusters.deleteTagBinding", + "container.clusterRoles.update", + "container.secrets.get", + "cloudbuild.connections.setIamPolicy", + "compute.disks.deleteTagBinding" ] } } \ No newline at end of file